Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Computer Running Slow - No Virus Found With Kasper

Started by Andre Silva , Jul 15 2013 06:44 AM

  • Please log in to reply

#16
Andre Silva
Posted 16 July 2013 - 07:53 PM

Andre Silva

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Roger that, CompCav. Sorry for editing the post.

Computer seems to be running better. Here are the logs:

All processes killed
========== OTL ==========
C:\Users\Izilda\AppData\Roaming\AVG2013\cfgall folder moved successfully.
C:\Users\Izilda\AppData\Roaming\AVG2013 folder moved successfully.
========== FILES ==========
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\zh_TW folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\zh_CN folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\uk_UA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\tr_TR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\sv_SE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\ru_RU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\ro_RO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\pt_BR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\pl_PL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\nl_NL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\nb_NO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\ko_KR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\ja_JP folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\it_IT folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\hu_HU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\fr_XM folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\fr_FR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\fr_CA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\fi_FI folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\es_NA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\es_MX folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\es_LA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\es_ES folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\en_XM folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\en_US folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\en_GB folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\de_DE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\da_DK folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\cs_CZ folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\zh_TW folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\zh_CN folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\uk_UA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\tr_TR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\sv_SE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\ru_RU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\ro_RO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\pt_BR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\pl_PL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\nl_NL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\nb_NO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\ko_KR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\ja_JP folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\it_IT folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\hu_HU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\fr_XM folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\fr_FR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\fr_CA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\fi_FI folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\es_NA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\es_MX folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\es_LA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\es_ES folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\en_US folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\en_GB folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\de_DE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\da_DK folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\cs_CZ folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\assets folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\zh_TW folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\zh_CN folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\uk_UA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\tr_TR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\sv_SE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\ru_RU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\ro_RO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\pt_BR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\pl_PL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\nl_NL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\nb_NO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\ko_KR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\ja_JP folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\it_IT folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\hu_HU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\fr_XM folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\fr_FR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\fr_CA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\fi_FI folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\es_NA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\es_MX folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\es_LA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\es_ES folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\en_XM folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\en_US folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\en_GB folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\de_DE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\da_DK folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\cs_CZ folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\zh_TW folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\zh_CN folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\uk_UA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\tr_TR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\sv_SE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\ru_RU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\ro_RO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\pt_BR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\pl_PL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\nl_NL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\nb_NO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\ko_KR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\ja_JP folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\it_IT folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\hu_HU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\fr_XM folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\fr_FR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\fr_CA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\fi_FI folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\es_NA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\es_MX folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\es_LA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\es_ES folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\en_US folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\en_GB folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\de_DE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\da_DK folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\cs_CZ folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\assets folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\zh_TW folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\zh_CN folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\uk_UA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\tr_TR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\sv_SE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\ru_RU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\ro_RO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\pt_BR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\pl_PL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\nl_NL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\nb_NO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\ko_KR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\ja_JP folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\it_IT folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\hu_HU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\fr_XM folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\fr_FR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\fr_CA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\fi_FI folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\es_NA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\es_MX folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\es_LA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\es_ES folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\en_XM folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\en_US folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\en_GB folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\de_DE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\da_DK folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\cs_CZ folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\uninstall folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\Microsoft.VC90.MFC folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\Microsoft.VC90.CRT folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\Microsoft.VC90.ATL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\assets folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\zh_TW folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\zh_CN folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\uk_UA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\tr_TR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\sv_SE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\ru_RU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\ro_RO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\pt_BR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\pl_PL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\nl_NL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\nb_NO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\ko_KR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\ja_JP folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\it_IT folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\hu_HU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\fr_XM folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\fr_FR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\fr_CA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\fi_FI folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\es_NA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\es_MX folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\es_LA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\es_ES folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\en_XM folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\en_US folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\en_GB folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\de_DE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\da_DK folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\cs_CZ folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\zh_TW folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\zh_CN folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\uk_UA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\tr_TR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\sv_SE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\ru_RU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\ro_RO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\pt_BR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\pl_PL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\nl_NL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\nb_NO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\ko_KR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\ja_JP folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\it_IT folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\hu_HU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\fr_XM folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\fr_FR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\fr_CA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\fi_FI folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\es_NA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\es_MX folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\es_LA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\es_ES folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\en_US folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\de_DE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\da_DK folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\cs_CZ folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\contents folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\Microsoft.VC90.CRT folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Installers\uninstall folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Installers folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\zh_TW folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\zh_CN folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\uk_UA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\tr_TR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\sv_SE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\sl_SI folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\sk_SK folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\ru_RU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\ro_RO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\pt_BR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\pl_PL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\nl_NL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\nb_NO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\ko_KR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\ja_JP folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\it_IT folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\hu_HU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\hr_HR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\fr_FR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\fi_FI folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\eu_ES folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\es_ES folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\en_US folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\de_DE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\da_DK folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\cs_CZ folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\ca_ES folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\zh_tw\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\zh_tw\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\zh_tw\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\zh_tw folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\zh_cn\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\zh_cn\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\zh_cn\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\zh_cn folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\uk_ua\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\uk_ua\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\uk_ua\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\uk_ua folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\tr_tr\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\tr_tr\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\tr_tr\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\tr_tr folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\sv_se\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\sv_se\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\sv_se\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\sv_se folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\sl_si\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\sl_si\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\sl_si\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\sl_si folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\sk_sk\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\sk_sk\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\sk_sk\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\sk_sk folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ru_ru\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ru_ru\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ru_ru\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ru_ru folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ro_ro\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ro_ro\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ro_ro\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ro_ro folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\pt_br\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\pt_br\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\pt_br\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\pt_br folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\pl_pl\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\pl_pl\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\pl_pl\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\pl_pl folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\nl_nl\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\nl_nl\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\nl_nl\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\nl_nl folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\nb_no\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\nb_no\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\nb_no\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\nb_no folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ko_kr\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ko_kr\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ko_kr\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ko_kr folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ja_jp\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ja_jp\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ja_jp\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ja_jp folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\it_it\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\it_it\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\it_it\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\it_it folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\hu_hu\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\hu_hu\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\hu_hu\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\hu_hu folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\hr_hr\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\hr_hr\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\hr_hr\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\hr_hr folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\fr_fr\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\fr_fr\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\fr_fr\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\fr_fr folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\fi_fi\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\fi_fi\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\fi_fi\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\fi_fi folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\eu_ES\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\eu_ES\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\eu_ES\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\eu_ES folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\es_es\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\es_es\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\es_es\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\es_es folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\en_us\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\en_us\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\en_us\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\en_us folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\de_de\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\de_de\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\de_de\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\de_de folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\da_dk\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\da_dk\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\da_dk\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\da_dk folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\cs_cz\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\cs_cz\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\cs_cz\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\cs_cz folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ca_es\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ca_es\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ca_es\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ca_es folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Color\Settings\Recommended folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Color\Settings\ExtraSettings folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Color\Settings folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Color\Profiles\Recommended folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Color\Profiles folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Color\AMT folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Color folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\caps folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\backup folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0 folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\ARM folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Adobe PCD\cache folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Adobe PCD folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Acrobat folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\AAMUpdaterInventory\1.0\AdobeApplicationManager-1.0\update1 folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\AAMUpdaterInventory\1.0\AdobeApplicationManager-1.0 folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\AAMUpdaterInventory\1.0 folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\AAMUpdaterInventory folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe folder moved successfully.
c:\users\izilda\desktop\applications\Rosetta\Rosetta Stone V3 - Italian folder moved successfully.
c:\users\izilda\desktop\applications\Rosetta\Rosetta Stone V3 - English (American) folder moved successfully.
c:\users\izilda\desktop\applications\Rosetta\Rosetta Stone 3.4.5\Crack\win folder moved successfully.
c:\users\izilda\desktop\applications\Rosetta\Rosetta Stone 3.4.5\Crack\mac folder moved successfully.
c:\users\izilda\desktop\applications\Rosetta\Rosetta Stone 3.4.5\Crack folder moved successfully.
c:\users\izilda\desktop\applications\Rosetta\Rosetta Stone 3.4.5 folder moved successfully.
c:\users\izilda\desktop\applications\Rosetta folder moved successfully.
c:\users\izilda\downloads\keygen_coreldrawx6.rar.exe moved successfully.
c:\users\izilda\downloads\Scrapebox V1.15.66 CRACKED.rar.exe moved successfully.
c:\users\izilda\downloads\[katproxy.com]scrapebox.v1.15.66.cracked.rar.torrent moved successfully.
c:\users\izilda\downloads\Adobe Acrobat XI Pro 11.0.0 Multilanguage (Cracked dll ) [ChingLiu]\Help files\GB18030 folder moved successfully.
c:\users\izilda\downloads\Adobe Acrobat XI Pro 11.0.0 Multilanguage (Cracked dll ) [ChingLiu]\Help files folder moved successfully.
c:\users\izilda\downloads\Adobe Acrobat XI Pro 11.0.0 Multilanguage (Cracked dll ) [ChingLiu]\Cracked dll folder moved successfully.
c:\users\izilda\downloads\Adobe Acrobat XI Pro 11.0.0 Multilanguage (Cracked dll ) [ChingLiu]\Adobe Acrobat XI\VC10RT_x64 folder moved successfully.
c:\users\izilda\downloads\Adobe Acrobat XI Pro 11.0.0 Multilanguage (Cracked dll ) [ChingLiu]\Adobe Acrobat XI\Transforms folder moved successfully.
c:\users\izilda\downloads\Adobe Acrobat XI Pro 11.0.0 Multilanguage (Cracked dll ) [ChingLiu]\Adobe Acrobat XI folder moved successfully.
c:\users\izilda\downloads\Adobe Acrobat XI Pro 11.0.0 Multilanguage (Cracked dll ) [ChingLiu] folder moved successfully.
c:\users\izilda\downloads\Adobe Dreamweaver CS5 [Win]-[CyberPiraten] folder moved successfully.
c:\users\izilda\downloads\Adobe_Photoshop_CS6_www.CPturbo.org.torrent moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Izilda\Desktop\cmd.bat deleted successfully.
C:\Users\Izilda\Desktop\cmd.txt deleted successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Izilda
->Temp folder emptied: 7898084 bytes
->Temporary Internet Files folder emptied: 6898884 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 16391152 bytes
->Google Chrome cache emptied: 12641474 bytes
->Flash cache emptied: 878 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 608 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 42.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 07162013_223913

Files\Folders moved on Reboot...
C:\Users\Izilda\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Izilda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{619DF06F-4462-4C66-94D5-E2C560B6B3D3}.tmp not found!
File\Folder C:\Users\Izilda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{8B2F0C5E-1F45-407A-A9F7-82B8A31EBB46}.tmp not found!
File\Folder C:\Users\Izilda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{DA669CC7-420E-4A1D-835E-BB66F2F08F9F}.tmp not found!
C:\Users\Izilda\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

CKScanner 2.3 - Additional Security Risks - These are not necessarily bad
c:\program files\gimp 2\share\gimp\2.0\patterns\cracked.pat
c:\users\izilda\desktop\andre\guitar\17000midis[www.jwejem.com]\cinema\fantasia (the nutcracker) - cinema.mid
c:\_otl\movedfiles\07162013_204630\c_users\izilda\appdata\roaming\utorrent\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu].torrent
c:\_otl\movedfiles\07162013_204630\c_users\izilda\appdata\roaming\utorrent\scrapebox v1.15.66 cracked.rar.torrent
c:\_otl\movedfiles\07162013_223913\c_users\izilda\desktop\applications\rosetta\rosetta stone 3.4.5\crack\readme.txt
c:\_otl\movedfiles\07162013_223913\c_users\izilda\desktop\applications\rosetta\rosetta stone 3.4.5\crack\mac\mdm.dat
c:\_otl\movedfiles\07162013_223913\c_users\izilda\desktop\applications\rosetta\rosetta stone 3.4.5\crack\win\rosettastoneversion3.exe
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\keygen_coreldrawx6.rar.exe
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\scrapebox v1.15.66 cracked.rar.exe
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\[katproxy.com]scrapebox.v1.15.66.cracked.rar.torrent
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\chingliu.notes.nfo
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\how to open nfo files.txt
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\abcpy.ini
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\acropro.msi
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\data1.cab
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\setup.exe
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\setup.ini
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\windowsinstaller-kb893803-v2-x86.exe
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1025.mst
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1028.mst
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1029.mst
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1030.mst
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1031.mst
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1033.mst
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1034.mst
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1035.mst
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1036.mst
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1037.mst
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1038.mst
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1040.mst
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1041.mst
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1042.mst
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1043.mst
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1044.mst
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1045.mst
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1046.mst
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1049.mst
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1051.mst
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1053.mst
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1055.mst
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1058.mst
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1060.mst
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\2052.mst
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\6156.mst
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\vc10rt_x64\vc_red.cab
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\vc10rt_x64\vc_red.msi
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\cracked dll\amtlib.dll
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\berime.htm
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\leame.htm
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\leesmij.htm
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\leggimi.htm
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\leiame.htm
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\liesmich.htm
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\lisezmoi.htm
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\lueminut.htm
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readme.htm
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readmecs.htm
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readmect.htm
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readmecze.htm
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readmehun.htm
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readmej.htm
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readmek.htm
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readmemea.htm
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readmemeh.htm
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readmepol.htm
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readmerus.htm
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readmesky.htm
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readmetur.htm
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readmeukr.htm
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\vigtigt.htm
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\viktig.htm
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\viktigt.htm
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\gb18030\readme.htm
c:\_otl\movedfiles\07162013_223913\c_users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\gb18030\readmecs.htm
scanner sequence 3.ZZ.11.BKLBIP
----- EOF -----
  • 0

Advertisements

#17
CompCav
Posted 16 July 2013 - 08:03 PM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Step 1.

Download aswMBR.exe ( 1.8mb ) to your desktop.
Right click and select Run as administrator the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply

Posted Image

If it does not run rename it iexplore.exe and try it again.


Step 2.

  • Right click OTL and select Run as administrator on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select Scan All Users
  • Select Lop Check and Purity Check
  • Under Extra Registry select Use SafeList
  • Under the Custom Scan box paste this in
    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    consrv.dll
    explorer.exe
    winlogon.exe
    Userinit.exe
    services.*
    svchost.exe
    /md5stop
    dir C:\ /S /A:L /C
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs


Step 3.

Please post:

  • OTL.txt
  • Extras.txt
  • aswMBR log

Is there any change in your symptoms?
  • 0

#18
Andre Silva
Posted 17 July 2013 - 10:18 AM

Andre Silva

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Hello CompCav,

Here follows the logs. Computer seems to be running OK. It has been since our first steps.

All processes killed
========== OTL ==========
C:\Users\Izilda\AppData\Roaming\AVG2013\cfgall folder moved successfully.
C:\Users\Izilda\AppData\Roaming\AVG2013 folder moved successfully.
========== FILES ==========
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\zh_TW folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\zh_CN folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\uk_UA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\tr_TR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\sv_SE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\ru_RU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\ro_RO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\pt_BR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\pl_PL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\nl_NL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\nb_NO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\ko_KR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\ja_JP folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\it_IT folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\hu_HU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\fr_XM folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\fr_FR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\fr_CA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\fi_FI folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\es_NA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\es_MX folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\es_LA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\es_ES folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\en_XM folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\en_US folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\en_GB folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\de_DE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\da_DK folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources\cs_CZ folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\ZStringResources folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\zh_TW folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\zh_CN folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\uk_UA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\tr_TR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\sv_SE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\ru_RU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\ro_RO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\pt_BR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\pl_PL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\nl_NL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\nb_NO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\ko_KR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\ja_JP folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\it_IT folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\hu_HU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\fr_XM folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\fr_FR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\fr_CA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\fi_FI folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\es_NA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\es_MX folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\es_LA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\es_ES folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\en_US folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\en_GB folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\de_DE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\da_DK folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary\cs_CZ folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources\Dictionary folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UNResources folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\assets folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\zh_TW folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\zh_CN folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\uk_UA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\tr_TR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\sv_SE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\ru_RU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\ro_RO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\pt_BR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\pl_PL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\nl_NL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\nb_NO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\ko_KR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\ja_JP folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\it_IT folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\hu_HU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\fr_XM folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\fr_FR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\fr_CA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\fi_FI folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\es_NA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\es_MX folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\es_LA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\es_ES folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\en_XM folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\en_US folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\en_GB folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\de_DE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\da_DK folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources\cs_CZ folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\ZStringResources folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\zh_TW folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\zh_CN folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\uk_UA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\tr_TR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\sv_SE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\ru_RU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\ro_RO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\pt_BR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\pl_PL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\nl_NL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\nb_NO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\ko_KR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\ja_JP folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\it_IT folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\hu_HU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\fr_XM folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\fr_FR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\fr_CA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\fi_FI folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\es_NA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\es_MX folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\es_LA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\es_ES folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\en_US folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\en_GB folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\de_DE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\da_DK folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary\cs_CZ folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources\Dictionary folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\RNResources folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA\assets folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\LWA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\zh_TW folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\zh_CN folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\uk_UA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\tr_TR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\sv_SE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\ru_RU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\ro_RO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\pt_BR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\pl_PL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\nl_NL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\nb_NO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\ko_KR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\ja_JP folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\it_IT folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\hu_HU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\fr_XM folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\fr_FR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\fr_CA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\fi_FI folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\es_NA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\es_MX folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\es_LA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\es_ES folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\en_XM folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\en_US folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\en_GB folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\de_DE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\da_DK folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources\cs_CZ folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\ZStringResources folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\uninstall folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\Microsoft.VC90.MFC folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\Microsoft.VC90.CRT folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\Microsoft.VC90.ATL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\assets folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\zh_TW folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\zh_CN folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\uk_UA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\tr_TR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\sv_SE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\ru_RU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\ro_RO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\pt_BR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\pl_PL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\nl_NL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\nb_NO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\ko_KR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\ja_JP folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\it_IT folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\hu_HU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\fr_XM folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\fr_FR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\fr_CA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\fi_FI folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\es_NA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\es_MX folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\es_LA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\es_ES folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\en_XM folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\en_US folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\en_GB folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\de_DE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\da_DK folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources\cs_CZ folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\ZStringResources folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\zh_TW folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\zh_CN folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\uk_UA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\tr_TR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\sv_SE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\ru_RU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\ro_RO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\pt_BR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\pl_PL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\nl_NL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\nb_NO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\ko_KR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\ja_JP folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\it_IT folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\hu_HU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\fr_XM folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\fr_FR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\fr_CA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\fi_FI folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\es_NA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\es_MX folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\es_LA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\es_ES folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\en_US folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\de_DE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\da_DK folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary\cs_CZ folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\Dictionary folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources\contents folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\resources folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\Microsoft.VC90.CRT folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\OOBE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Installers\uninstall folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Installers folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\zh_TW folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\zh_CN folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\uk_UA folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\tr_TR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\sv_SE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\sl_SI folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\sk_SK folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\ru_RU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\ro_RO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\pt_BR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\pl_PL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\nl_NL folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\nb_NO folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\ko_KR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\ja_JP folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\it_IT folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\hu_HU folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\hr_HR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\fr_FR folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\fi_FI folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\eu_ES folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\es_ES folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\en_US folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\de_DE folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\da_DK folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\cs_CZ folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg\ca_ES folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\HelpCfg folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\zh_tw\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\zh_tw\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\zh_tw\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\zh_tw folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\zh_cn\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\zh_cn\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\zh_cn\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\zh_cn folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\uk_ua\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\uk_ua\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\uk_ua\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\uk_ua folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\tr_tr\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\tr_tr\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\tr_tr\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\tr_tr folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\sv_se\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\sv_se\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\sv_se\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\sv_se folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\sl_si\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\sl_si\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\sl_si\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\sl_si folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\sk_sk\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\sk_sk\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\sk_sk\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\sk_sk folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ru_ru\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ru_ru\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ru_ru\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ru_ru folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ro_ro\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ro_ro\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ro_ro\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ro_ro folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\pt_br\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\pt_br\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\pt_br\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\pt_br folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\pl_pl\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\pl_pl\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\pl_pl\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\pl_pl folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\nl_nl\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\nl_nl\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\nl_nl\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\nl_nl folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\nb_no\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\nb_no\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\nb_no\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\nb_no folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ko_kr\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ko_kr\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ko_kr\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ko_kr folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ja_jp\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ja_jp\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ja_jp\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ja_jp folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\it_it\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\it_it\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\it_it\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\it_it folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\hu_hu\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\hu_hu\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\hu_hu\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\hu_hu folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\hr_hr\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\hr_hr\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\hr_hr\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\hr_hr folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\fr_fr\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\fr_fr\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\fr_fr\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\fr_fr folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\fi_fi\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\fi_fi\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\fi_fi\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\fi_fi folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\eu_ES\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\eu_ES\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\eu_ES\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\eu_ES folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\es_es\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\es_es\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\es_es\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\es_es folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\en_us\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\en_us\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\en_us\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\en_us folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\de_de\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\de_de\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\de_de\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\de_de folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\da_dk\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\da_dk\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\da_dk\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\da_dk folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\cs_cz\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\cs_cz\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\cs_cz\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\cs_cz folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ca_es\reader\X\using folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ca_es\reader\X folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ca_es\reader folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help\ca_es folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Help folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Color\Settings\Recommended folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Color\Settings\ExtraSettings folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Color\Settings folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Color\Profiles\Recommended folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Color\Profiles folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Color\AMT folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Color folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\caps folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\backup folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0 folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\ARM folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Adobe PCD\cache folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Adobe PCD folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\Acrobat folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\AAMUpdaterInventory\1.0\AdobeApplicationManager-1.0\update1 folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\AAMUpdaterInventory\1.0\AdobeApplicationManager-1.0 folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\AAMUpdaterInventory\1.0 folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe\AAMUpdaterInventory folder moved successfully.
C:\Program Files (x86)\Common Files\Adobe folder moved successfully.
c:\users\izilda\desktop\applications\Rosetta\Rosetta Stone V3 - Italian folder moved successfully.
c:\users\izilda\desktop\applications\Rosetta\Rosetta Stone V3 - English (American) folder moved successfully.
c:\users\izilda\desktop\applications\Rosetta\Rosetta Stone 3.4.5\Crack\win folder moved successfully.
c:\users\izilda\desktop\applications\Rosetta\Rosetta Stone 3.4.5\Crack\mac folder moved successfully.
c:\users\izilda\desktop\applications\Rosetta\Rosetta Stone 3.4.5\Crack folder moved successfully.
c:\users\izilda\desktop\applications\Rosetta\Rosetta Stone 3.4.5 folder moved successfully.
c:\users\izilda\desktop\applications\Rosetta folder moved successfully.
c:\users\izilda\downloads\keygen_coreldrawx6.rar.exe moved successfully.
c:\users\izilda\downloads\Scrapebox V1.15.66 CRACKED.rar.exe moved successfully.
c:\users\izilda\downloads\[katproxy.com]scrapebox.v1.15.66.cracked.rar.torrent moved successfully.
c:\users\izilda\downloads\Adobe Acrobat XI Pro 11.0.0 Multilanguage (Cracked dll ) [ChingLiu]\Help files\GB18030 folder moved successfully.
c:\users\izilda\downloads\Adobe Acrobat XI Pro 11.0.0 Multilanguage (Cracked dll ) [ChingLiu]\Help files folder moved successfully.
c:\users\izilda\downloads\Adobe Acrobat XI Pro 11.0.0 Multilanguage (Cracked dll ) [ChingLiu]\Cracked dll folder moved successfully.
c:\users\izilda\downloads\Adobe Acrobat XI Pro 11.0.0 Multilanguage (Cracked dll ) [ChingLiu]\Adobe Acrobat XI\VC10RT_x64 folder moved successfully.
c:\users\izilda\downloads\Adobe Acrobat XI Pro 11.0.0 Multilanguage (Cracked dll ) [ChingLiu]\Adobe Acrobat XI\Transforms folder moved successfully.
c:\users\izilda\downloads\Adobe Acrobat XI Pro 11.0.0 Multilanguage (Cracked dll ) [ChingLiu]\Adobe Acrobat XI folder moved successfully.
c:\users\izilda\downloads\Adobe Acrobat XI Pro 11.0.0 Multilanguage (Cracked dll ) [ChingLiu] folder moved successfully.
c:\users\izilda\downloads\Adobe Dreamweaver CS5 [Win]-[CyberPiraten] folder moved successfully.
c:\users\izilda\downloads\Adobe_Photoshop_CS6_www.CPturbo.org.torrent moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Izilda\Desktop\cmd.bat deleted successfully.
C:\Users\Izilda\Desktop\cmd.txt deleted successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Izilda
->Temp folder emptied: 7898084 bytes
->Temporary Internet Files folder emptied: 6898884 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 16391152 bytes
->Google Chrome cache emptied: 12641474 bytes
->Flash cache emptied: 878 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 608 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 42.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 07162013_223913

Files\Folders moved on Reboot...
C:\Users\Izilda\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Izilda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{619DF06F-4462-4C66-94D5-E2C560B6B3D3}.tmp not found!
File\Folder C:\Users\Izilda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{8B2F0C5E-1F45-407A-A9F7-82B8A31EBB46}.tmp not found!
File\Folder C:\Users\Izilda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{DA669CC7-420E-4A1D-835E-BB66F2F08F9F}.tmp not found!
C:\Users\Izilda\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

OTL Extras logfile created on: Jul/17/2013 1:22:50 AM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Izilda\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MMM/d/yyyy

7.48 Gb Total Physical Memory | 4.97 Gb Available Physical Memory | 66.41% Memory free
14.96 Gb Paging File | 11.58 Gb Available in Paging File | 77.41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 578.92 Gb Total Space | 342.37 Gb Free Space | 59.14% Space Free | Partition Type: NTFS
Drive D: | 16.96 Gb Total Space | 1.86 Gb Free Space | 10.95% Space Free | Partition Type: NTFS
Drive E: | 3.42 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 99.34 Mb Total Space | 89.20 Mb Free Space | 89.79% Space Free | Partition Type: FAT32

Computer Name: IZILDA-HP | User Name: Izilda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-3190529940-644357419-2377663512-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{047DAC6B-DD59-4A6F-AA97-E2C44C3941B7}" = lport=139 | protocol=6 | dir=in | app=system |
"{081FB466-6D11-40DB-9D51-B1ED1A22A7DF}" = lport=445 | protocol=6 | dir=in | app=system |
"{0882D903-2602-4A9A-BF52-B8C720B5C42D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0DE04776-E1A2-42F3-9911-49E9A6673213}" = lport=138 | protocol=17 | dir=in | app=system |
"{10B612F9-4F01-4F5F-9C9B-728AF2102EE2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{190FF045-F90F-4606-A0F5-7FA725A1E773}" = rport=138 | protocol=17 | dir=out | app=system |
"{195F1AB1-A6FE-44B1-9D27-0F11985267C1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{24B9FA7C-BB8A-4711-9E69-5A06BD033340}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{2C1BF910-CFD9-4A73-AC45-8F0EC021F8B5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{31D921CA-FFB4-4409-AD53-CA83AEB3684D}" = lport=137 | protocol=17 | dir=in | app=system |
"{4D48B4FB-FC56-480F-A15F-08279EA209DB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{664F4ADD-1F44-4BDE-BF43-17A912DB37A8}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{73EDDA0C-446D-4109-B9BD-A07E95FFE450}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{84C949BA-ED37-4A3B-A450-66F66E41F84F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{885F4752-954A-4446-B0FB-DC0027122D67}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B9432900-FE55-48CA-AF62-E643B617A2CA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B9AF81E3-F811-4440-9569-2B6C9B82B72A}" = rport=137 | protocol=17 | dir=out | app=system |
"{BADB4D96-6331-433C-B34C-709CB447BDBF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C27EA718-79C0-4281-A6A1-48EE8A20829E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C4B9B12B-F77F-4D88-8D27-E1B8D918FD5F}" = rport=139 | protocol=6 | dir=out | app=system |
"{C4E5B854-AFA0-487A-9007-39D179DFB865}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{C6F5852B-0EAC-4FA1-8A26-BB77EB76B35F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CCC799B3-C592-4952-8D2A-3E56623FD58B}" = rport=445 | protocol=6 | dir=out | app=system |
"{D08DCC11-D2E8-4577-8111-7E0D8C0829CC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E5B4E25C-AAEC-4DF6-803C-5551F8B23EAC}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F01B11A3-F0DD-4B8A-AD71-2BEC654D9309}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{F117D627-B9D2-45DE-8D1D-E4D70544FBA9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01FF23FA-C03F-41F6-B672-A1158C053358}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0744E39B-86B3-416A-9C45-7EBD613B6203}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{0832F537-B5DE-4BA7-B186-41EC8A9824C3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{08973A45-3B92-4242-878A-955222FF61F7}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{14186D9D-8EC5-40DE-8623-53F2206CA127}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{1BE2C065-43CD-482A-8A92-B1BD569245E6}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpwarrantychecker.exe |
"{20E612F3-411F-42DB-A07C-9A197F17FCB7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{22C06670-346E-4E35-A9F2-8B34834EDEA9}" = protocol=1 | dir=in | [email protected],-28543 |
"{2470AE16-97FA-4A69-8FA8-7894489A4927}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{27199C01-4CD9-42ED-A90C-59C0D76E185D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2C2B16D8-D58B-40FA-A10E-78369D778C63}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{2C2F152A-4331-4A2E-BC2F-B541409BA08F}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{2D82F084-CA4E-4BB9-8BC6-47237D2B0077}" = protocol=6 | dir=in | app=c:\program files (x86)\cain\cain.exe |
"{32986BDF-CA71-49C3-92AE-78DA43E5F8AF}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{32DE1494-A10D-4CF1-82DB-A92EBC8045F2}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{393DBC08-7B97-4EA8-AA87-DA6812742653}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{41C0F111-8573-40E2-951C-9858B129C2FA}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{4549B367-09C1-4D9B-B30D-BBBFD84F5F53}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{46BB3EBE-9F13-4A65-9D80-34BBBFF606CF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{47768F4A-36F0-4F72-9B36-58A8BEC9A50E}" = protocol=17 | dir=in | app=c:\program files (x86)\roxio\roxionow player\rnowshell.exe |
"{48A1A8C6-B484-413B-BB30-3CCEBD626CDE}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{499DC023-98F4-4B2D-BD16-8F51F96B0EE1}" = protocol=17 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe |
"{49B7A486-67BE-4E17-9AE0-C534D6151D8A}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{54209224-6486-423F-BDB0-F2C45A8338E0}" = protocol=17 | dir=in | app=c:\users\izilda\appdata\local\temp\7zs3bcb\hpdiagnosticcoreui.exe |
"{61046B67-7694-403D-A4C1-03A50B3E77B2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{61FB4DDD-E966-4DBC-8192-A88A7C801EEA}" = protocol=17 | dir=in | app=c:\program files (x86)\cain\cain.exe |
"{63408D47-6BF4-486E-B25A-C559C573A235}" = protocol=6 | dir=in | app=c:\program files (x86)\roxio\roxionow player\rnowshell.exe |
"{650C1EAF-6645-4C3A-B90F-BC10567E39B0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6A0D444A-DBAD-413C-B341-A97828CB2483}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{6BC24416-D0F9-43A6-991D-20067DC59B89}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{6E58916B-DFE0-4084-9688-2A14405ABF7E}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpdevicedetection3.exe |
"{75B60678-3F70-442A-A465-F1300CE55F9A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{76DEAA23-05BD-4C77-BDEA-272CAB548797}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{78633346-747B-48D9-AF66-1D90B6AEB755}" = protocol=17 | dir=in | app=c:\users\izilda\appdata\local\temp\7zs3ff4\hpdiagnosticcoreui.exe |
"{7A9C1DBA-BEA9-418A-86D8-92F86E4499BC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{7F49C17A-969E-4D4C-815D-2C8E5DA5B723}" = dir=in | app=c:\program files (x86)\easybits for kids\ezdesktop.exe |
"{841064A0-DD32-425E-BC26-38AA4ED88090}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{86A1D3B3-C426-4AB9-8B94-5B5514DE8A7A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{86A68234-BDE7-4E8A-AFC9-CB44BF0C1B23}" = protocol=6 | dir=in | app=c:\users\izilda\appdata\local\temp\7zs49ef\hpdiagnosticcoreui.exe |
"{86DA8AA0-5D9B-47C6-AF67-BCFFBBE1B5CD}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{8BC4627F-4ECC-4378-BD81-B2816F0DB921}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{8C747E2F-1D76-4E4A-B216-ABFD9EBE39DB}" = protocol=6 | dir=in | app=c:\users\izilda\appdata\local\temp\7zs485a\hpdiagnosticcoreui.exe |
"{94A39B87-F510-4FFB-97E2-B0CCE678F059}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{A707C84A-D1E0-4733-A1F4-AF6BC6CF44C0}" = protocol=58 | dir=in | [email protected],-28545 |
"{A8D4FAD6-7A67-4A71-8F1C-48490820AF86}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{AA22F5D6-E1ED-478E-8DA0-9B244E263DCC}" = dir=in | app=c:\windows\system32\ezsharedsvchost.exe |
"{AFAFF6A5-D3ED-4CBA-BCAE-732E1CB1D2E7}" = protocol=17 | dir=in | app=c:\users\izilda\appdata\local\temp\7zs485a\hpdiagnosticcoreui.exe |
"{B2A4F6D9-8369-4D6A-AC17-B188DEC22635}" = protocol=6 | dir=in | app=c:\users\izilda\appdata\local\temp\7zs3bcb\hpdiagnosticcoreui.exe |
"{BCF46097-2EDB-4ADA-B576-7442714B4FBD}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C225BBC8-0D89-4AF5-8083-5CAAB5273696}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{C27207AC-B657-4E51-B683-478E4A7812E1}" = dir=in | app=c:\users\izilda\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{C2C44D80-846C-42E2-9E8B-3E9FDE0D36EE}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{C2F2DEEF-BFCF-4FA3-BDDD-EA3AF27A0478}" = protocol=6 | dir=out | app=system |
"{CD7C22F4-F4C9-428D-970E-D352CA9AF695}" = protocol=6 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe |
"{D0718773-F0AA-4D44-8985-FB25ABB7C338}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{D1E5B989-E070-4343-9846-ADDBFD7B7EB4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DB13E1D9-2537-46EF-9C7E-B255F6A45E15}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DB45E44B-A2B0-4D54-BFD6-1D4913D03E04}" = protocol=58 | dir=out | [email protected],-28546 |
"{E44A6FD6-BD52-4B5C-9D38-5E634DD7BE9D}" = protocol=1 | dir=out | [email protected],-28544 |
"{E48E7E5E-590C-471D-8C6B-255DE95632BF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E7806723-D13D-478B-8824-135ACABE4283}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{E9132731-9CB3-4DD9-A65C-63BBF1FD2010}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{EC6AA108-6172-474D-B55E-BD4801EC788A}" = protocol=6 | dir=in | app=c:\users\izilda\appdata\local\temp\7zs3ff4\hpdiagnosticcoreui.exe |
"{F0914BBC-DC13-4797-8810-163E54F4FA79}" = protocol=17 | dir=in | app=c:\users\izilda\appdata\local\temp\7zs49ef\hpdiagnosticcoreui.exe |
"{F89D8123-9C57-4D1F-80CB-A45F09C0518C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{FA36F8F7-6579-4DE8-BA01-A77CD7CD88FB}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"TCP Query User{066F045E-BA38-462E-99F7-4E313F8F4AD5}C:\program files (x86)\mp3 skype recorder\mp3 skype recorder.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mp3 skype recorder\mp3 skype recorder.exe |
"TCP Query User{116B434C-876A-47B0-9137-C705480B62C6}C:\program files (x86)\vidalia relay bundle\tor\tor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vidalia relay bundle\tor\tor.exe |
"TCP Query User{270748A8-36BB-4A3F-BD35-1A037D1958F1}C:\program files (x86)\cain\cain.exe" = protocol=6 | dir=in | app=c:\program files (x86)\cain\cain.exe |
"TCP Query User{44EE40A1-1014-4814-8140-06DAF593DE92}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{83DE9CF2-05D4-4E15-B7C8-4F063839E228}C:\program files (x86)\voip recorder\voiprecorder.exe" = protocol=6 | dir=in | app=c:\program files (x86)\voip recorder\voiprecorder.exe |
"TCP Query User{93757994-E8F3-48BD-BE9F-058E764336DE}E:\easysetupassistant\wr741n\easysetupassistant.exe" = protocol=6 | dir=in | app=e:\easysetupassistant\wr741n\easysetupassistant.exe |
"TCP Query User{9894D36B-CEFA-4F80-84AF-8E55BC7428CC}C:\program files (x86)\voip recorder\voiprecorder.exe" = protocol=6 | dir=in | app=c:\program files (x86)\voip recorder\voiprecorder.exe |
"TCP Query User{9F1A7D8E-A265-4246-B026-6F69D5495520}C:\program files (x86)\vidalia bridge bundle\tor\tor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vidalia bridge bundle\tor\tor.exe |
"TCP Query User{B45E1660-5987-44CB-8269-95B8C415CFD3}C:\program files (x86)\vono\vono\vono.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vono\vono\vono.exe |
"TCP Query User{B9C407F4-5253-4726-9BAB-0E1C3E8CEAA4}C:\program files (x86)\vono\vono\vono.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vono\vono\vono.exe |
"UDP Query User{285FAAA9-BF6C-4EC4-87D1-AB17A867B156}C:\program files (x86)\vono\vono\vono.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vono\vono\vono.exe |
"UDP Query User{2F7CA29A-C461-4BEE-8FA2-A15FC19A858C}C:\program files (x86)\mp3 skype recorder\mp3 skype recorder.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mp3 skype recorder\mp3 skype recorder.exe |
"UDP Query User{4BAAD0B2-4158-4A3B-8FF6-FD8E8C31D60A}C:\program files (x86)\vidalia relay bundle\tor\tor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vidalia relay bundle\tor\tor.exe |
"UDP Query User{8B98068F-D309-48A4-8212-11F4FBED4265}C:\program files (x86)\voip recorder\voiprecorder.exe" = protocol=17 | dir=in | app=c:\program files (x86)\voip recorder\voiprecorder.exe |
"UDP Query User{B5182445-81B6-4863-8F6E-4DB409F208A2}E:\easysetupassistant\wr741n\easysetupassistant.exe" = protocol=17 | dir=in | app=e:\easysetupassistant\wr741n\easysetupassistant.exe |
"UDP Query User{CE2FB06C-EAEA-401C-B8F6-0C719C597ACD}C:\program files (x86)\voip recorder\voiprecorder.exe" = protocol=17 | dir=in | app=c:\program files (x86)\voip recorder\voiprecorder.exe |
"UDP Query User{D3AADE08-6F72-4DD4-BA1A-C908F69CFC02}C:\program files (x86)\cain\cain.exe" = protocol=17 | dir=in | app=c:\program files (x86)\cain\cain.exe |
"UDP Query User{DDF691BF-0E0A-4D1B-B727-3DFA4BFD338F}C:\program files (x86)\vidalia bridge bundle\tor\tor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vidalia bridge bundle\tor\tor.exe |
"UDP Query User{EA79CD8E-6132-48C5-B8C5-F7506064272D}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{EFCD6E70-3783-4078-B583-4098DBBA5AFE}C:\program files (x86)\vono\vono\vono.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vono\vono\vono.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{054EF02F-95D8-48F4-9EEB-2F9CE3072ED8}" = AuthenTec TrueAPI
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{26AF7BC7-DB35-B7C5-3169-29BC62835C48}" = AMD Fuel
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{4436B9BD-CA66-4D69-9091-2D2EB62F09AD}" = Nitro Reader 3
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5601F151-A69F-4E30-8C60-37928124CD07}" = HP 3D DriveGuard
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{71F13BA8-96D0-F281-6473-196A5842C6CF}" = ccc-utility64
"{79174AF2-6CB1-42F5-981E-66DCA49391D0}" = Validity WBF DDK
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{942836D4-5395-652B-F1E8-A7C5B039910C}" = ATI Catalyst Install Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CB1A2FE6-2BDF-DECC-C91B-4E5FFD59C5D6}" = WMV9/VC-1 Video Playback
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"GIMP-2_is1" = GIMP 2.8.2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PDF Creator" = PDF Creator
"Stellarium_is1" = Stellarium 0.12.0
"SynTPDeinstKey" = Synaptics TouchPad Driver
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
".IAP{0000.0000.0005.0001}" = Vono
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}" = Quicken 2012
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C262D84-FFA4-4621-8ED7-41F8287369F5}" = Google Apps Migration For Microsoft Outlook® 2.3.12.34
"{0D1B9D71-7EB6-70DA-DB23-E14F59A14E1D}" = AMD VISION Engine Control Center
"{0DC33570-D9E6-9189-7143-612F34DC317B}" = CCC Help Danish
"{0EDEB615-1A60-425E-8306-0E10519C7B55}" = RoxioNow Player
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F69006A-CD2F-4C12-A786-C659C8F98423}" = Catalyst Control Center - Branding
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore
"{15822027-43D3-C69F-40EF-2AF83AA781AA}" = CCC Help English
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1D04A14D-6C97-19C1-CA9D-FDDE5EAE1026}" = CCC Help Chinese Standard
"{1E5C7043-09C5-4974-A69F-A5271FD82BBC}" = PlayMemories Home
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{210A03F5-B2ED-4947-B27E-516F50CBB292}" = HP Setup
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{285F722C-0E45-47DE-B38E-5B3B10FA4A7C}" = HP Quick Launch
"{28FE073B-1230-4BF6-830C-7434FD0C0069}" = HP Software Framework
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2B37E43D-10AB-9D24-7234-31929A3A7D11}" = CCC Help German
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33530062-0419-71CE-3BD3-13D7D5E4C7DE}" = CCC Help French
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1" = Módulo de Segurança - Banco do Brasil
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{388A15E4-7507-CD40-4DBA-F78B4BBEB56E}" = CCC Help Japanese
"{442D8477-F1A6-4C62-8F89-D5BCDF81A298}" = bcWebCam
"{448B78CF-4A52-191D-1436-54D039B382DB}" = CCC Help Spanish
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{521FA973-C4C9-249D-5CF6-0A6F7B18F7DC}" = CCC Help Greek
"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Anti-Virus 2013
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1" = Módulo Adicional de Segurança CAIXA
"{5ED3BAF3-DA06-038D-F21E-AB35404626D4}" = CCC Help Dutch
"{60C44315-A107-D3F6-B868-52AC0481ED6B}" = CCC Help Finnish
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6522241B-09FE-B16D-0E23-9485424507EB}" = CCC Help Korean
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68EAD428-8B16-4CE3-832B-6E63B11852C0}" = VOIP Recorder
"{6A061262-C2B2-78E2-9BF8-32D3BDD68C43}" = Catalyst Control Center InstallProxy
"{6B075E9F-4D23-0883-F66C-C698E949CD90}" = Catalyst Control Center Graphics Previews Common
"{6D2A900D-EB39-3386-8D9F-3B8F069C57A5}" = Google Talk Plugin
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{794A3AB9-DB12-1115-33B2-29C5DDD1DCD4}" = CCC Help Chinese Traditional
"{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}" = OmniPage SE 2.0
"{7A6B4340-7090-418F-8976-EE9650B35550}" = HP Connection Manager
"{803E2C5C-E39B-BEBA-4046-6C0CF7695DA4}" = CCC Help Hungarian
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT5390 802.11b/g/n WiFi Adapter
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91B33C97-93EB-244C-F687-71D85E45A206}_is1" = Ashampoo Burning Studio 12 v.12.0.3
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9325A80A-C2B4-141E-952E-30589770A79B}" = CCC Help Turkish
"{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.1
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 3.81
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9EAAB95B-17B6-43CF-B4E9-4A90937C83FD}" = Blio
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7393DB5-6CAB-70A7-4A5E-C96AF518858A}" = Catalyst Control Center Localization All
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.7) MUI
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BCFAA37D-A6DB-43BF-A351-43F183E52D07}" = HP SimplePass 2011
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C1C82DC9-1547-4038-8F0A-C069F0B7F2ED}" = AMD System Monitor
"{C3579810-5AC8-545D-089D-6735792490B5}" = CCC Help Thai
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C915103C-F9E5-8989-233C-367DCFB07652}" = CCC Help Italian
"{CB606F47-7D0E-40DF-95BB-0E5413A1295F}" = MP3 Skype Recorder
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE8EF688-BD0E-29E2-3472-E23CC6AB0C98}" = CCC Help Polish
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D811186E-06BC-F7D3-E10B-4C7450F88611}" = CCC Help Swedish
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = Recovery Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E44578C7-4667-4124-8BC2-1161BCA54978}" = HP Power Manager
"{E45832B8-C3E6-C26B-A038-4599DCAC1F17}" = CCC Help Norwegian
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{ED1BD69A-07E3-418C-91F1-D856582581BF}" = HP On Screen Display
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{F023440E-6D03-1AB2-1414-27A62074556C}" = CCC Help Portuguese
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.2
"{F7A9EFFB-F905-FA4D-A431-06B1E0A5EE5A}" = CCC Help Czech
"{F92679BF-CA1F-4DD3-8269-A40A9AD873B1}" = Google Apps Sync™ for Microsoft Outlook® 3.2.353.947
"{FD8966E8-8227-9180-51D2-F1C75D3222B8}" = CCC Help Russian
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Advanced Email Extractor PRO" = Advanced Email Extractor PRO
"Anti-phishing Domain Advisor" = Anti-phishing Domain Advisor
"Ashampoo Burning Studio 12_is1" = Ashampoo Burning Studio 12 v.12.0.1
"ColorMania_is1" = ColorMania 3.2
"EasyBits Magic Desktop" = Magic Desktop
"ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5" = Receitanet
"Files Opened" = Files Opened
"FileZilla Client" = FileZilla Client 3.7.0.2
"Google Chrome" = Google Chrome
"HP DVB-T TV Tuner" = HP DVB-T TV Tuner 8.0.64.43
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"IRPF2012" = IRPF2012 - Declaraçăo de Ajuste Anual, Final de Espólio e Saída Definitiva do País
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"midicairus Toolbar" = midicairus Toolbar
"Mozilla Firefox 22.0 (x86 en-US)" = Mozilla Firefox 22.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"OpenSubtitlesPlayer_is1" = OpenSubtitlesPlayer V4.X
"OrolixCommunicator" = TIM Communicator
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"PROPLUS" = Microsoft Office Professional Plus 2007
"seopowersuite" = SEO SpyGlass
"TeamViewer 8" = TeamViewer 8
"uTorrent" = µTorrent
"VIVO INTERNET" = VIVO INTERNET
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WT087328" = Blackhawk Striker 2
"WT087330" = Bounce Symphony
"WT087335" = Build-a-lot 2
"WT087343" = Dora's World Adventure
"WT087393" = Mah Jong Medley
"WT087394" = Penguins!
"WT087395" = Poker Superstars III
"WT087396" = Polar Bowler
"WT087397" = Polar Golfer
"WT087415" = Wheel of Fortune 2
"WT087536" = Diner Dash 2 Restaurant Rescue
"WT089307" = Virtual Villagers 4 - The Tree of Life
"WT089308" = Blasterball 3
"WT089328" = Farm Frenzy
"WT089359" = Cake Mania
"WT089362" = Agatha Christie - Peril at End House
"WT089453" = Bejeweled 2 Deluxe
"WT089454" = Chuzzle Deluxe
"WT089455" = Zuma Deluxe
"WT089457" = Slingo Supreme
"WT089458" = Plants vs. Zombies - Game of the Year
"WT089470" = FATE - The Traitor Soul
"WT089484" = Namco All-Stars PAC-MAN
"WT089496" = Mystery P.I. - Stolen in San Francisco
"WT089498" = Bejeweled 3

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3190529940-644357419-2377663512-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - Jan/23/2013 6:49:40 AM | Computer Name = Izilda-HP | Source = WinMgmt | ID = 10
Description =

Error - Jan/24/2013 8:29:44 AM | Computer Name = Izilda-HP | Source = WinMgmt | ID = 10
Description =

Error - Jan/24/2013 9:05:37 AM | Computer Name = Izilda-HP | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - Jan/24/2013 10:05:34 PM | Computer Name = Izilda-HP | Source = WinMgmt | ID = 10
Description =

Error - Jan/25/2013 7:29:38 AM | Computer Name = Izilda-HP | Source = WinMgmt | ID = 10
Description =

Error - Jan/25/2013 1:14:25 PM | Computer Name = Izilda-HP | Source = Application Hang | ID = 1002
Description = The program Dreamweaver.exe version 11.0.0.4909 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1c64 Start
Time: 01cdfb1f588caf51 Termination Time: 24 Application Path: C:\Program Files (x86)\Adobe\Adobe
Dreamweaver CS5\Dreamweaver.exe Report Id: 9d90840f-6712-11e2-8254-101f741bcc01

Error - Jan/25/2013 1:36:01 PM | Computer Name = Izilda-HP | Source = WinMgmt | ID = 10
Description =

Error - Jan/25/2013 8:36:58 PM | Computer Name = Izilda-HP | Source = WinMgmt | ID = 10
Description =

Error - Jan/25/2013 10:31:12 PM | Computer Name = Izilda-HP | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - Jan/26/2013 4:47:50 PM | Computer Name = Izilda-HP | Source = WinMgmt | ID = 10
Description =

[ Hewlett-Packard Events ]
Error - Jun/4/2012 11:42:03 PM | Computer Name = Izilda-HP | Source = HPSF.exe | ID = 4000
Description =

Error - Sep/2/2012 4:11:22 PM | Computer Name = Izilda-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: Failed to perform update. StackTrace: at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager InnerException.Message:
Object '/14cdefc7_b061_4539_971f_3b07cf761139/mdx9qbih4mrkm2ps38st2ds5_5.rem' has
been disconnected or does not exist at the server. Name: hpsa_service.exe Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 7658 Ram Utilization: TargetSite: Void UpdateDetail(System.String)

Error - Sep/10/2012 10:07:32 PM | Computer Name = Izilda-HP | Source = HPSF.exe | ID = 4000
Description =

Error - Nov/19/2012 8:59:37 AM | Computer Name = Izilda-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 7658
Ram
Utilization: 30 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()


Error - Nov/19/2012 8:59:51 AM | Computer Name = Izilda-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 7658
Ram
Utilization: 30 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()


Error - Nov/19/2012 10:13:50 AM | Computer Name = Izilda-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 7658
Ram
Utilization: 40 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()


Error - Nov/19/2012 11:14:26 AM | Computer Name = Izilda-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 7658
Ram
Utilization: 40 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()


Error - Nov/19/2012 11:40:35 AM | Computer Name = Izilda-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 7658
Ram
Utilization: TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()


Error - Nov/25/2012 3:45:57 PM | Computer Name = Izilda-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Object reference not set to an instance of an object. StackTrace:
at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01
Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US
RAM:
7658 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean)

Error - Nov/25/2012 3:45:57 PM | Computer Name = Izilda-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261HPSF.exe at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Object reference not set to an instance of an object. StackTrace:
at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01
Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US
RAM:
7658 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean)

[ HP Connection Manager Events ]
Error - Jul/13/2013 3:38:29 PM | Computer Name = Izilda-HP | Source = hpCMSrv | ID = 5
Description = 2013/07/13 16:38:29.938|00001BB4|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - Jul/13/2013 3:38:36 PM | Computer Name = Izilda-HP | Source = hpCMSrv | ID = 5
Description = 2013/07/13 16:38:36.619|00001BB4|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - Jul/13/2013 5:49:55 PM | Computer Name = Izilda-HP | Source = hpCMSrv | ID = 5
Description = 2013/07/13 18:49:55.564|0000109C|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - Jul/13/2013 5:49:56 PM | Computer Name = Izilda-HP | Source = hpCMSrv | ID = 5
Description = 2013/07/13 18:49:56.687|0000109C|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - Jul/16/2013 9:55:36 AM | Computer Name = Izilda-HP | Source = hpCMSrv | ID = 5
Description = 2013/07/16 10:55:36.089|0000124C|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - Jul/16/2013 10:03:59 AM | Computer Name = Izilda-HP | Source = hpCMSrv | ID = 5
Description = 2013/07/16 11:03:59.667|00000E24|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - Jul/16/2013 7:53:14 PM | Computer Name = Izilda-HP | Source = hpCMSrv | ID = 5
Description = 2013/07/16 20:53:14.176|000013B8|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - Jul/16/2013 7:53:15 PM | Computer Name = Izilda-HP | Source = hpCMSrv | ID = 5
Description = 2013/07/16 20:53:15.829|000013B8|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - Jul/16/2013 9:40:50 PM | Computer Name = Izilda-HP | Source = hpCMSrv | ID = 5
Description = 2013/07/16 22:40:50.163|00000FFC|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - Jul/16/2013 9:40:57 PM | Computer Name = Izilda-HP | Source = hpCMSrv | ID = 5
Description = 2013/07/16 22:40:57.263|00000FFC|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

[ HP Software Framework Events ]
Error - Nov/12/2012 7:46:35 AM | Computer Name = Izilda-HP | Source = CaslWmi | ID = 5
Description = 2012/11/12 09:46:35.940|0000158C|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - Nov/12/2012 1:16:09 PM | Computer Name = Izilda-HP | Source = CaslWmi | ID = 5
Description = 2012/11/12 15:16:09.228|00001548|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - Nov/13/2012 9:30:33 AM | Computer Name = Izilda-HP | Source = CaslWmi | ID = 5
Description = 2012/11/13 11:30:33.228|000011DC|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - Nov/15/2012 10:46:46 AM | Computer Name = Izilda-HP | Source = CaslWmi | ID = 5
Description = 2012/11/15 12:46:46.715|000012B4|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - Nov/16/2012 9:31:13 AM | Computer Name = Izilda-HP | Source = CaslWmi | ID = 5
Description = 2012/11/16 11:31:13.981|0000148C|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - Nov/16/2012 8:45:03 PM | Computer Name = Izilda-HP | Source = CaslWmi | ID = 5
Description = 2012/11/16 22:45:03.283|000011C0|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - Nov/17/2012 10:10:46 AM | Computer Name = Izilda-HP | Source = CaslWmi | ID = 5
Description = 2012/11/17 12:10:46.525|00001290|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - Nov/18/2012 3:49:42 PM | Computer Name = Izilda-HP | Source = CaslWmi | ID = 5
Description = 2012/11/18 17:49:42.724|00000F58|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - Nov/18/2012 7:23:35 PM | Computer Name = Izilda-HP | Source = CaslWmi | ID = 5
Description = 2012/11/18 21:23:35.522|000011A8|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - Nov/19/2012 7:46:09 AM | Computer Name = Izilda-HP | Source = CaslWmi | ID = 5
Description = 2012/11/19 09:46:09.273|000013B8|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

[ OSession Events ]
Error - Jun/27/2013 1:06:20 PM | Computer Name = Izilda-HP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 65563
seconds with 360 seconds of active time. This session ended with a crash.

[ System Events ]
Error - Jul/8/2013 10:12:45 PM | Computer Name = Izilda-HP | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.

Error - Jul/10/2013 2:19:12 PM | Computer Name = Izilda-HP | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.

Error - Jul/10/2013 2:56:52 PM | Computer Name = Izilda-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.

Error - Jul/10/2013 3:27:41 PM | Computer Name = Izilda-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.

Error - Jul/10/2013 3:27:42 PM | Computer Name = Izilda-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.

Error - Jul/10/2013 3:27:43 PM | Computer Name = Izilda-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.

Error - Jul/12/2013 1:09:09 PM | Computer Name = Izilda-HP | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.

Error - Jul/16/2013 7:29:05 PM | Computer Name = Izilda-HP | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.

Error - Jul/16/2013 7:46:30 PM | Computer Name = Izilda-HP | Source = Service Control Manager | ID = 7034
Description = The TrueSuiteService service terminated unexpectedly. It has done
this 1 time(s).

Error - Jul/16/2013 9:39:14 PM | Computer Name = Izilda-HP | Source = Service Control Manager | ID = 7034
Description = The TrueSuiteService service terminated unexpectedly. It has done
this 1 time(s).


< End of report >

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-07-16 23:13:51
-----------------------------
23:13:51.461 OS Version: Windows x64 6.1.7601 Service Pack 1
23:13:51.462 Number of processors: 4 586 0x100
23:13:51.463 ComputerName: IZILDA-HP UserName: Izilda
23:13:54.158 Initialize success
23:19:53.341 AVAST engine defs: 13071601
23:42:12.913 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006b
23:42:12.918 Disk 0 Vendor: Hitachi_ JEDO Size: 610480MB BusType: 11
23:42:13.065 Disk 0 MBR read successfully
23:42:13.069 Disk 0 MBR scan
23:42:13.076 Disk 0 Windows 7 default MBR code
23:42:13.080 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
23:42:13.090 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 592813 MB offset 409600
23:42:13.128 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17363 MB offset 1214490624
23:42:13.147 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 1250050048
23:42:13.319 Disk 0 scanning C:\Windows\system32\drivers
23:42:27.176 Service scanning
23:43:06.440 Modules scanning
23:43:06.451 Disk 0 trace - called modules:
23:43:06.478 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys amd_xata.sys ACPI.sys storport.sys hal.dll amd_sata.sys
23:43:06.492 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007230060]
23:43:06.506 3 CLASSPNP.SYS[fffff88001c5143f] -> nt!IofCallDriver -> [0xfffffa8007078b10]
23:43:06.516 5 hpdskflt.sys[fffff88001ff6189] -> nt!IofCallDriver -> [0xfffffa8006ba5ac0]
23:43:06.524 7 amd_xata.sys[fffff880018d3a1d] -> nt!IofCallDriver -> [0xfffffa8006ba24f0]
23:43:06.530 9 ACPI.sys[fffff88000f477a1] -> nt!IofCallDriver -> \Device\0000006b[0xfffffa8006b90060]
23:43:08.891 AVAST engine scan C:\Windows
23:43:15.835 AVAST engine scan C:\Windows\system32
23:50:49.435 AVAST engine scan C:\Windows\system32\drivers
23:51:06.603 AVAST engine scan C:\Users\Izilda
23:57:33.801 Disk 0 MBR has been saved successfully to "C:\Users\Izilda\Desktop\MBR.dat"
23:57:33.813 The log file has been saved successfully to "C:\Users\Izilda\Desktop\aswMBR.txt"
  • 0

#19
CompCav
Posted 17 July 2013 - 11:05 AM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Please post the latest OTL.txt file as well.
  • 0

#20
Andre Silva
Posted 17 July 2013 - 12:05 PM

Andre Silva

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Hello CompCav,

OTL did not generate a log this time. I ran it as administrator from the desktop space. Any hints, please?
  • 0

#21
Andre Silva
Posted 17 July 2013 - 12:11 PM

Andre Silva

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
CompCav,

I think I found it. Here it goes:

OTL logfile created on: Jul/17/2013 1:21:53 PM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Izilda\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MMM/d/yyyy

7.48 Gb Total Physical Memory | 4.24 Gb Available Physical Memory | 56.68% Memory free
14.96 Gb Paging File | 10.85 Gb Available in Paging File | 72.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 578.92 Gb Total Space | 344.07 Gb Free Space | 59.43% Space Free | Partition Type: NTFS
Drive D: | 16.96 Gb Total Space | 1.86 Gb Free Space | 10.95% Space Free | Partition Type: NTFS
Drive E: | 3.42 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 99.34 Mb Total Space | 89.20 Mb Free Space | 89.79% Space Free | Partition Type: FAT32

Computer Name: IZILDA-HP | User Name: Izilda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/07/09 23:13:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Izilda\Desktop\OTL (1).exe
PRC - [2013/07/04 15:53:48 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/07/02 00:07:37 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
PRC - [2013/05/23 10:48:10 | 000,410,152 | ---- | M] (GAS Tecnologia) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe
PRC - [2013/04/23 04:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013/03/08 20:06:41 | 000,102,400 | ---- | M] ( ) -- C:\Program Files (x86)\Vono\Vono\Vono Manager.exe
PRC - [2012/11/27 21:12:44 | 000,479,840 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
PRC - [2012/11/27 21:08:28 | 000,739,936 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
PRC - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
PRC - [2012/02/21 17:53:08 | 000,232,616 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
PRC - [2011/10/05 09:08:16 | 000,032,672 | ---- | M] (Orolix Desenvolvimento de Software LTDA.) -- C:\Program Files (x86)\TIM Communicator\module\devicemon.exe
PRC - [2011/08/19 16:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2011/07/11 16:04:44 | 000,574,008 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2011/07/11 16:04:44 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/05/23 13:45:58 | 001,098,296 | ---- | M] (Hewlett-Packard Development Company L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
PRC - [2011/03/22 15:42:40 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/03/14 12:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2011/02/18 02:48:24 | 000,265,544 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
PRC - [2011/02/18 02:48:12 | 000,642,888 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
PRC - [2011/02/18 02:47:58 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
PRC - [2010/11/26 11:09:12 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
PRC - [2010/04/23 16:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/23 16:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2009/07/27 15:54:14 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\Izilda\AppData\Roaming\VIVO INTERNET\ouc.exe
PRC - [2003/05/08 14:00:58 | 000,049,152 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\opwareSE2.exe


========== Modules (No Company Name) ==========

MOD - [2013/07/12 15:49:44 | 000,396,240 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppgooglenaclpluginchrome.dll
MOD - [2013/07/12 15:49:42 | 004,052,944 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll
MOD - [2013/07/12 15:48:52 | 000,601,552 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\libglesv2.dll
MOD - [2013/07/12 15:48:51 | 000,123,344 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\libegl.dll
MOD - [2013/07/12 15:48:49 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ffmpegsumo.dll
MOD - [2013/07/10 03:47:35 | 000,194,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\c9786062fbb311c543497e28c1e1a0c5\CustomMarshalers.ni.dll
MOD - [2013/07/10 03:21:43 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\6ea5ee4386d67f4b432a27c40fbff93c\System.Windows.Forms.ni.dll
MOD - [2013/07/10 03:21:37 | 007,070,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\a1c174e579c9ad4e5b6eeed8a58a721b\System.Core.ni.dll
MOD - [2013/07/10 03:21:31 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4787bb699ed4291859fb86f15d793add\System.Drawing.ni.dll
MOD - [2013/07/10 03:21:26 | 009,099,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\8a6d1c8abeb8eb82f06c7d075130cc67\System.ni.dll
MOD - [2013/07/10 03:12:26 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
MOD - [2013/07/04 15:53:48 | 003,285,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/11/28 13:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/11/28 13:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/08/17 21:38:56 | 000,479,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\dblite.dll
MOD - [2011/10/05 03:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
MOD - [2011/06/22 11:46:12 | 000,434,016 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
MOD - [2009/02/26 13:46:56 | 000,064,344 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/05/27 02:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/03/26 18:13:08 | 000,230,416 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe -- (NitroReaderDriverReadSpool3)
SRV:64bit: - [2012/09/11 02:34:39 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2012/02/08 00:21:04 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2012/02/08 00:21:03 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2011/09/15 20:12:12 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/05/13 20:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011/04/02 03:06:22 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010/10/11 06:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 22:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2013/07/04 15:53:48 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/07/02 00:07:37 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe -- (AVP)
SRV - [2013/06/21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/23 10:48:10 | 000,410,152 | ---- | M] (GAS Tecnologia) [Auto | Running] -- C:\Program Files (x86)\GbPlugin\gbpsv.exe -- (GbpSv)
SRV - [2013/04/23 04:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/03/08 20:06:41 | 000,102,400 | ---- | M] ( ) [Auto | Running] -- C:\Program Files (x86)\Vono\Vono\Vono Manager.exe -- (Vono_Manager)
SRV - [2012/11/27 21:12:44 | 000,479,840 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2012/09/27 10:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/05 09:08:16 | 000,032,672 | ---- | M] (Orolix Desenvolvimento de Software LTDA.) [Auto | Running] -- C:\Program Files (x86)\TIM Communicator\module\devicemon.exe -- (OrolixDeviceMonitor)
SRV - [2011/07/11 16:04:44 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2011/05/23 13:45:58 | 001,098,296 | ---- | M] (Hewlett-Packard Development Company L.P.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2011/03/14 12:27:34 | 000,346,976 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe)
SRV - [2011/03/07 21:43:30 | 002,375,168 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/02/18 02:48:24 | 000,265,544 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2010/11/26 11:09:12 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)
SRV - [2010/10/12 14:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/06/25 14:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2010/03/18 17:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/07/02 00:35:29 | 000,178,448 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:64bit: - [2013/07/02 00:35:28 | 000,620,128 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2013/07/02 00:35:28 | 000,054,368 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/10/25 15:51:44 | 000,029,528 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2012/10/25 15:51:44 | 000,029,016 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:64bit: - [2012/08/23 11:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 11:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 11:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/02 15:09:34 | 000,028,504 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2012/06/19 17:28:12 | 000,458,584 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2012/03/26 13:50:12 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2012/03/01 03:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/08 00:21:04 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/12/02 13:23:22 | 000,223,744 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys -- (huawei_wwanecm)
DRV:64bit: - [2011/10/14 05:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/09/15 20:51:12 | 010,206,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/09/15 19:38:42 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/09/09 10:51:02 | 000,028,672 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV:64bit: - [2011/09/09 10:51:00 | 000,098,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV:64bit: - [2011/09/09 10:51:00 | 000,087,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2011/08/29 21:58:09 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/08/29 21:58:09 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/07/22 13:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/19 12:19:16 | 001,492,992 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2011/07/12 18:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/06/10 07:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/13 20:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 20:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/04/15 18:37:50 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/04/15 18:37:50 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011/03/24 21:20:36 | 000,337,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011/03/18 02:04:20 | 000,188,544 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdxhc.sys -- (amdxhc)
DRV:64bit: - [2011/03/18 02:04:18 | 000,087,168 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdhub30.sys -- (amdhub30)
DRV:64bit: - [2010/12/16 05:06:46 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/21 00:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/21 00:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/17 14:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/07/28 13:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/07/27 08:52:16 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2010/06/25 14:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2010/03/20 11:06:58 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV:64bit: - [2010/02/18 13:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 18:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 18:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 18:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 17:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 17:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/05/08 09:52:48 | 000,049,536 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\gbpkm.sys -- (GbpKm)
DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft..../?LinkId=255141
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{5D1E3CEC-F39F-465A-8D86-A8981406F57E}: "URL" = http://www.amazon.co...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft..../?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{5D1E3CEC-F39F-465A-8D86-A8981406F57E}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...searchTerms}&r=
IE - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\..\SearchScopes\{5D1E3CEC-F39F-465A-8D86-A8981406F57E}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...urceid=ie7&rlz=
IE - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B87F8774F-B485-47E2-A755-A40A8A5E886D%7D:3.2.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Izilda\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Izilda\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Izilda\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Izilda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\gastecnologia.com.br/sf/bb: C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
FF - HKCU\Software\MozillaPlugins\gastecnologia.com.br/sf/cef: C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2013/07/02 00:35:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2013/07/02 00:35:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2013/07/02 00:35:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2013/07/02 00:35:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2013/07/02 00:35:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{87F8774F-B485-47E2-A755-A40A8A5E886D}: C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\cef\xpi [2013/06/19 15:30:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{87F8774F-B485-47E2-A755-A40A8A5E886C}: C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\bb\sf.xpi [2013/07/16 11:08:33 | 000,013,596 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/09/19 21:15:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Izilda\AppData\Roaming\Mozilla\Extensions
[2013/07/16 20:47:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Izilda\AppData\Roaming\Mozilla\Firefox\Profiles\rpnqexf8.default-1350958851994\extensions
[2013/05/28 01:22:44 | 000,000,000 | ---D | M] (Guardiao Itau Unibanco) -- C:\Users\Izilda\AppData\Roaming\Mozilla\Firefox\Profiles\rpnqexf8.default-1350958851994\extensions\{87F8774F-B485-47E2-A755-A40A8A5E8873}
[2013/07/04 15:53:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/07/04 15:53:43 | 000,000,000 | ---D | M] (TrueSuite Website Logon) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2013/07/04 15:53:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/07/04 15:53:49 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/06/19 15:30:43 | 000,000,000 | ---D | M] (Modulo de Protecao - Caixa Economica Federal) -- C:\USERS\IZILDA\APPDATA\LOCAL\GAS TECNOLOGIA\GBBD\CEF\XPI

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Nitro PDF Plug-In (Enabled) = C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Izilda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Website Logon = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe\1.0_0\
CHR - Extension: Google Docs = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Kaspersky URL Advisor = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0\
CHR - Extension: Safe Money = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0\
CHR - Extension: Content Blocker = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0\
CHR - Extension: Virtual Keyboard = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_0\
CHR - Extension: GBBD Caixa Economica Federal = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnjbodopomfddehlalfilheomcahbpei\3.2.0_0\
CHR - Extension: GBBD Banco do Brasil = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh\3.0.0_0\
CHR - Extension: Gmail = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Anti-Banner = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0\

O1 HOSTS File: ([2013/07/16 22:39:31 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (4sharedExt) - {95525BD9-6136-4A26-8263-9CEE295D442D} - C:\Program Files (x86)\4shared Toolbar\4sharedExt64.dll File not found
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files (x86)\OpenSubtitlesPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" File not found
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [OPSE reminder] C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [OpwareSE2] C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\OpwareSE2.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3190529940-644357419-2377663512-1001..\Run: [ALLUpdate] C:\Program Files (x86)\OpenSubtitlesPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-3190529940-644357419-2377663512-1001..\Run: [Facebook Update] C:\Users\Izilda\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-3190529940-644357419-2377663512-1001..\Run: [Google Update] C:\Users\Izilda\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKU\S-1-5-21-3190529940-644357419-2377663512-1001..\Run: [HW_OPENEYE_OUC_VIVO INTERNET] C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
O4 - HKU\S-1-5-21-3190529940-644357419-2377663512-1001..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3190529940-644357419-2377663512-1001..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKU\S-1-5-21-3190529940-644357419-2377663512-1001..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-3190529940-644357419-2377663512-1001..\Run: [Vidalia] "C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\vidalia.exe" File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Izilda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8:64bit: - Extra context menu item: Adicionar ao Antibanner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ie_banner_deny.htm ()
O8:64bit: - Extra context menu item: Advanced Email Extractor - res://C:\Program%20Files%20%28x86%29\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/page.html File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Scan link with AEE - res://C:\Program%20Files%20%28x86%29\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/link.html File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Adicionar ao Antibanner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ie_banner_deny.htm ()
O8 - Extra context menu item: Advanced Email Extractor - res://C:\Program%20Files%20%28x86%29\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/page.html File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Scan link with AEE - res://C:\Program%20Files%20%28x86%29\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/link.html File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Teclado Virtual - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verificaçăo de URLs - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Teclado Virtual - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: Verificaçăo de URLs - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\..Trusted Domains: bancobrasil.com.br ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\..Trusted Domains: bancobrasil.com.br ([www14] * in Trusted sites)
O15 - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\..Trusted Domains: bancobrasil.com.br ([www2] * in Trusted sites)
O15 - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\..Trusted Domains: bb.com.br ([www] * in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 189.4.64.82 189.4.64.87 201.6.4.116
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0211F5D2-0B48-4A83-8097-2D3C20677B0B}: DhcpNameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{894FB0E4-5432-4A2A-B791-AB7238B6F4E2}: DhcpNameServer = 200.142.132.32 200.220.227.57
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8DD97968-7B59-48B2-AA1F-E19CF22C8A45}: DhcpNameServer = 200.142.132.32 200.220.227.57
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E66EA923-D0B8-4739-A6C2-1045AE207BFE}: DhcpNameServer = 189.4.64.82 189.4.64.87 201.6.4.116
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\Program Files (x86)\GbPlugin\gbieh.dll) - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/07/16 23:12:04 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Izilda\Desktop\aswMBR.exe
[2013/07/16 21:00:24 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{33615BDC-8917-4512-AE0F-757124B44CE8}
[2013/07/16 20:46:30 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/07/16 20:31:44 | 000,000,000 | ---D | C] -- C:\adobeTemp
[2013/07/16 20:11:25 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/07/16 11:07:26 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2013/07/16 10:56:52 | 000,031,088 | ---- | C] (GbPlugin NDIS Device Driver) -- C:\Windows\SysWow64\drivers\gbpndisrd.sys
[2013/07/16 04:13:46 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{78A4EC10-3130-4748-8172-374730F18B25}
[2013/07/15 21:47:38 | 000,000,000 | ---D | C] -- C:\Users\Izilda\Desktop\Pri Netbook
[2013/07/15 16:13:34 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{F542D360-97A9-4B71-A44E-32EEB6BE87BE}
[2013/07/14 21:16:08 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{7F376A60-8057-4975-82C9-180BA8408DAA}
[2013/07/13 10:24:33 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{709002C6-B7E9-4A29-8A0D-2040B4508917}
[2013/07/12 13:25:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/07/12 13:24:40 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/07/12 13:24:34 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/07/12 13:24:34 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/07/12 13:24:34 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/07/12 13:24:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013/07/11 11:16:08 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{E9036531-A395-48A3-B556-A01C5105455D}
[2013/07/11 09:54:20 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/07/11 09:54:20 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/07/11 09:54:18 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/07/11 09:54:18 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/07/11 09:54:18 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/07/11 09:54:18 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/07/11 09:54:18 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/07/11 09:54:18 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/07/11 09:54:18 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/07/11 09:54:18 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/07/11 09:54:18 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/07/11 09:54:16 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/07/11 09:54:15 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/07/11 09:54:15 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/07/11 09:54:14 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/07/10 11:09:17 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{DD55C85F-92B9-4220-BD77-13277D5A5792}
[2013/07/10 03:06:09 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2013/07/10 03:06:09 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2013/07/10 03:06:05 | 001,887,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013/07/10 03:06:04 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013/07/10 03:04:56 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/07/09 23:12:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Izilda\Desktop\OTL (1).exe
[2013/07/09 13:46:02 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{B25A8061-FCC9-4919-B44A-070025B01448}
[2013/07/08 22:59:39 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{53856E5D-9584-47D1-9631-DE0605A13B5E}
[2013/07/07 21:12:27 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{B7510D62-D963-4EAF-B157-4783E7A3153A}
[2013/07/06 00:05:05 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{4150692B-F6FB-41F4-9145-C5641930319D}
[2013/07/05 14:32:45 | 000,000,000 | ---D | C] -- C:\Users\Izilda\Desktop\beatriz
[2013/07/05 11:21:49 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{AB2FF86A-C266-47AC-BCBB-EBD57A5D516D}
[2013/07/04 15:53:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/07/03 09:01:50 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{3B7F2930-D7BD-4C60-9B5F-A050AF7C0C45}
[2013/07/02 01:33:44 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{8D726334-3E79-4320-B0E4-1C9C5EC5FBA5}
[2013/07/02 00:42:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2013
[2013/07/01 23:50:48 | 000,064,856 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\klfphc.dll
[2013/07/01 23:49:58 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP
[2013/07/01 23:49:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013/07/01 23:49:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2013/07/01 23:49:35 | 000,620,128 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys
[2013/07/01 23:49:35 | 000,090,208 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klflt.sys
[2013/07/01 10:38:19 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{A0CF4E07-E9D0-4993-A759-16D96CB11B34}
[2013/06/29 11:30:39 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{49C35701-B107-49A4-B352-9E7DF7BBB4D6}
[2013/06/28 10:18:39 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{BC767DF4-05C2-41AF-BF2D-C211199EB61F}
[2013/06/27 18:33:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SecurityXploded
[2013/06/27 18:05:25 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{B8B60196-80CC-49A8-B6A0-DDBDBE0E26C4}
[2013/06/26 13:35:45 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{B4E8753A-8D27-4248-8129-6C5F98EDCA27}
[2013/06/25 11:22:07 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{CC2ED4AF-446C-4B8F-B5BD-35B945E06310}
[2013/06/24 22:36:03 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{259D12F7-8180-49B2-BB90-0C304CEB1436}
[2013/06/19 15:49:41 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Roaming\Nitro
[2013/06/19 15:49:41 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Roaming\FileOpen
[2013/06/19 15:49:41 | 000,000,000 | ---D | C] -- C:\ProgramData\FileOpen
[2013/06/19 15:48:42 | 000,029,712 | ---- | C] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalmon2.dll
[2013/06/19 15:48:42 | 000,017,936 | ---- | C] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalui2.dll
[2013/06/19 15:48:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro
[2013/06/19 15:48:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Nitro
[2013/06/19 15:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro
[2013/06/19 15:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nitro
[2013/06/19 15:30:43 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\GAS Tecnologia
[2013/06/19 15:30:43 | 000,000,000 | ---D | C] -- C:\ProgramData\GAS Tecnologia

========== Files - Modified Within 30 Days ==========

[2013/07/17 13:11:39 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA.job
[2013/07/17 13:11:39 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/17 13:11:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/17 10:55:01 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA.job
[2013/07/17 09:33:20 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core.job
[2013/07/16 23:57:33 | 000,000,512 | ---- | M] () -- C:\Users\Izilda\Desktop\MBR.dat
[2013/07/16 23:12:39 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Izilda\Desktop\aswMBR.exe
[2013/07/16 22:52:05 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/16 22:52:05 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/16 22:42:29 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/16 22:42:04 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2013/07/16 22:41:57 | 000,031,088 | ---- | M] (GbPlugin NDIS Device Driver) -- C:\Windows\SysWow64\drivers\gbpndisrd.sys
[2013/07/16 22:41:57 | 000,010,266 | ---- | M] () -- C:\Windows\SysWow64\drivers\ndisrd.cat
[2013/07/16 22:41:57 | 000,003,641 | ---- | M] () -- C:\Windows\SysWow64\drivers\ndisrd.inf
[2013/07/16 22:41:57 | 000,001,814 | ---- | M] () -- C:\Windows\SysWow64\drivers\ndisrd_m.inf
[2013/07/16 22:41:57 | 000,001,402 | ---- | M] () -- C:\Windows\SysWow64\drivers\gas.cer
[2013/07/16 22:41:46 | 1728,237,567 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/16 22:39:31 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2013/07/16 21:03:32 | 000,459,264 | ---- | M] () -- C:\Users\Izilda\Desktop\CKScanner.exe
[2013/07/16 15:53:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core.job
[2013/07/16 10:48:29 | 000,012,739 | ---- | M] () -- C:\Users\Izilda\AppData\Roaming\unins001.dat
[2013/07/16 10:48:21 | 000,720,082 | ---- | M] () -- C:\Users\Izilda\AppData\Roaming\unins001.exe
[2013/07/13 19:31:06 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/07/13 19:31:06 | 000,660,318 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/07/13 19:31:06 | 000,121,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/07/13 11:04:26 | 000,001,456 | ---- | M] () -- C:\Users\Izilda\AppData\Local\Adobe Save for Web 12.0 Prefs
[2013/07/13 10:53:34 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/07/12 13:24:26 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/07/12 13:24:26 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/07/12 13:24:26 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/07/12 13:24:25 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013/07/12 13:24:25 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/07/11 23:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\Regwork.job
[2013/07/11 21:01:25 | 000,000,132 | ---- | M] () -- C:\Users\Izilda\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2013/07/11 10:02:26 | 005,000,304 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/07/11 09:58:23 | 000,246,207 | ---- | M] () -- C:\Users\Izilda\.ranktracker.properties
[2013/07/09 23:13:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Izilda\Desktop\OTL (1).exe
[2013/07/04 17:17:07 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForIZILDA-HP$.job
[2013/07/03 11:48:42 | 000,004,096 | -H-- | M] () -- C:\Users\Izilda\AppData\Local\keyfile3.drm
[2013/07/02 01:44:43 | 000,001,292 | ---- | M] () -- C:\Users\Izilda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2013/07/02 01:41:53 | 000,000,866 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2013/07/02 00:43:20 | 000,002,277 | ---- | M] () -- C:\Users\Izilda\Desktop\Banca Segura.lnk
[2013/07/02 00:35:29 | 000,178,448 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kneps.sys
[2013/07/02 00:35:28 | 000,620,128 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys
[2013/07/02 00:35:28 | 000,054,368 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kltdi.sys
[2013/07/02 00:35:27 | 000,090,208 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klflt.sys
[2013/07/02 00:08:55 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/07/01 23:50:49 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk
[2013/07/01 10:18:36 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForIzilda.job
[2013/06/25 02:11:26 | 000,773,050 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/06/19 15:48:40 | 000,002,003 | ---- | M] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2013/06/19 15:30:45 | 000,012,679 | ---- | M] () -- C:\Users\Izilda\AppData\Roaming\unins000.dat
[2013/06/19 15:30:42 | 000,720,594 | ---- | M] () -- C:\Users\Izilda\AppData\Roaming\unins000.exe
[2013/06/17 15:01:52 | 000,183,185 | ---- | M] () -- C:\Users\Izilda\.spyglass.properties

========== Files Created - No Company Name ==========

[2013/07/16 23:57:33 | 000,000,512 | ---- | C] () -- C:\Users\Izilda\Desktop\MBR.dat
[2013/07/16 21:03:27 | 000,459,264 | ---- | C] () -- C:\Users\Izilda\Desktop\CKScanner.exe
[2013/07/16 10:56:52 | 000,010,266 | ---- | C] () -- C:\Windows\SysWow64\drivers\ndisrd.cat
[2013/07/16 10:56:52 | 000,003,641 | ---- | C] () -- C:\Windows\SysWow64\drivers\ndisrd.inf
[2013/07/16 10:56:52 | 000,001,814 | ---- | C] () -- C:\Windows\SysWow64\drivers\ndisrd_m.inf
[2013/07/16 10:56:52 | 000,001,402 | ---- | C] () -- C:\Windows\SysWow64\drivers\gas.cer
[2013/07/16 10:48:25 | 000,720,082 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\unins001.exe
[2013/07/16 10:48:25 | 000,012,739 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\unins001.dat
[2013/07/02 00:43:20 | 000,002,277 | ---- | C] () -- C:\Users\Izilda\Desktop\Banca Segura.lnk
[2013/07/02 00:42:08 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk
[2013/06/19 15:48:40 | 000,002,003 | ---- | C] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2013/06/19 15:48:39 | 000,002,499 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk
[2013/06/19 15:30:43 | 000,720,594 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\unins000.exe
[2013/06/19 15:30:43 | 000,012,679 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\unins000.dat
[2013/05/30 22:17:35 | 000,183,185 | ---- | C] () -- C:\Users\Izilda\.spyglass.properties
[2013/05/08 00:04:57 | 000,009,327 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\Comma Separated Values (Windows).EML
[2013/03/30 00:41:17 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013/03/30 00:41:17 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2013/01/15 21:45:21 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\CCSETX64.SYS
[2012/12/24 19:41:11 | 000,009,330 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\Microsoft Excel 97-2003.EML
[2012/11/17 01:07:04 | 000,149,504 | ---- | C] () -- C:\Windows\UNWISE.EXE
[2012/11/12 22:20:34 | 000,000,892 | ---- | C] () -- C:\Users\Izilda\AppData\Local\recently-used.xbel
[2012/10/15 13:50:32 | 000,004,096 | -H-- | C] () -- C:\Users\Izilda\AppData\Local\keyfile3.drm
[2012/09/26 16:32:48 | 000,000,132 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/09/24 00:32:08 | 000,001,456 | ---- | C] () -- C:\Users\Izilda\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012/09/22 01:29:31 | 000,000,132 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2012/09/20 03:19:56 | 000,246,207 | ---- | C] () -- C:\Users\Izilda\.ranktracker.properties
[2012/04/28 23:18:27 | 000,000,176 | ---- | C] () -- C:\Windows\REC-NET.INI
[2012/03/19 20:10:17 | 000,014,012 | ---- | C] () -- C:\Windows\hplj1010.ini
[2012/02/18 21:17:24 | 000,000,074 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2012/02/05 22:37:15 | 000,014,119 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2012/01/23 21:10:15 | 000,000,556 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2012/01/14 19:37:01 | 000,000,477 | ---- | C] () -- C:\Users\Izilda\Desktop.lnk
[2011/10/06 14:22:31 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/10/06 14:14:52 | 000,773,050 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/10/06 14:02:42 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/08/29 22:40:04 | 000,000,068 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat

========== ZeroAccess Check ==========

[2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 02:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 01:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 00:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/02/01 08:02:45 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013/02/01 08:02:45 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2013/01/05 23:59:11 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Ashampoo
[2012/01/15 20:24:30 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Blio
[2012/12/16 22:50:18 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/06/19 15:36:34 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Downloaded Installations
[2013/06/19 15:49:41 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\FileOpen
[2013/06/14 02:05:55 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\FileZilla
[2013/03/15 17:16:39 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\MP3SkypeRecorder
[2013/06/19 15:49:41 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Nitro
[2013/07/16 14:11:52 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Nitro PDF
[2013/05/06 17:14:57 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Oracle
[2013/06/28 15:58:22 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\PrimoPDF
[2012/01/23 21:10:22 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\ScanSoft
[2013/01/07 14:45:38 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/04/15 00:38:25 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Stellarium
[2012/01/14 19:39:13 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Synaptics
[2013/03/06 10:38:30 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\TeamViewer
[2012/09/19 02:18:29 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Thunderbird
[2013/01/15 21:45:05 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\TuneUp Software
[2012/12/15 10:30:12 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\VIVO INTERNET
[2013/03/08 20:13:09 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Vono
[2012/09/20 02:19:18 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\WildTangent
[2012/02/11 23:45:01 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



========== Custom Scans ==========

========== Base Services ==========
SRV:64bit: - [2009/07/13 22:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2013/02/27 02:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/13 22:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010/11/21 00:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/21 00:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2011/11/17 03:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/13 22:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 22:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/04 19:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2013/05/13 02:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013/05/13 01:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/21 00:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/21 00:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/21 00:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011/08/29 21:52:51 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/13 22:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/13 22:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 22:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/07/13 22:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010/11/21 00:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009/07/13 22:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/13 22:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/13 22:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/13 22:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/13 22:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012/10/03 14:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009/07/13 22:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011/05/24 08:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/02/11 03:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2011/11/17 03:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009/07/13 22:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010/11/21 00:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/21 00:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/21 00:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2011/11/17 03:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/07/13 22:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010/11/21 00:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/21 00:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/21 00:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010/11/21 00:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/21 00:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/21 00:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/13 22:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/05/01 02:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/21 00:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/21 00:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/21 00:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/21 00:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2013/05/27 02:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/11/21 00:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/21 00:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/21 00:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/21 00:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/21 00:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/07/13 22:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012/06/02 19:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010/11/21 00:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/13 22:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010/11/21 00:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/08/29 21:53:47 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/08/29 21:53:47 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/08/29 21:53:47 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/08/29 21:53:47 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 00:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/08/29 21:53:47 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/08/29 21:53:47 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 00:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: SERVICES >
[2009/06/10 18:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services

< MD5 for: SERVICES.ASFX >
[2012/04/04 02:54:08 | 000,002,637 | ---- | M] () MD5=016DFC4F3F133AE19338EECD1924886A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ro_RO\Services\Services.asfx
[2012/04/04 02:54:08 | 000,002,970 | ---- | M] () MD5=05A68D76420994EF8DF33184BFA98E04 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\uk_UA\Services\Services.asfx
[2012/04/04 02:54:04 | 000,002,555 | ---- | M] () MD5=272301585AC133486E70228DA27659AC -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_TW\Services\Services.asfx
[2012/04/04 02:54:02 | 000,002,562 | ---- | M] () MD5=27CE9BD3209B549BB776B8C877455A91 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nb_NO\Services\Services.asfx
[2012/04/04 02:54:02 | 000,002,632 | ---- | M] () MD5=2998A4AE8D0EF5122CCB985CF7E9D9D3 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ko_KR\Services\Services.asfx
[2012/04/04 02:54:02 | 000,002,545 | ---- | M] () MD5=2EEC9DDBD0B4EE5F65532322C383938A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_CN\Services\Services.asfx
[2012/04/04 02:54:04 | 000,002,629 | ---- | M] () MD5=3A0082D76426A87FB4937D426C491C10 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\cs_CZ\Services\Services.asfx
[2012/04/04 02:54:04 | 000,002,590 | ---- | M] () MD5=448953BD0CF26CE03D9E7CC1A7B278BC -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\tr_TR\Services\Services.asfx
[2012/04/04 02:53:58 | 000,002,605 | ---- | M] () MD5=5A2C5D0DA3EAAB2AA77F16947D0E14FF -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\it_IT\Services\Services.asfx
[2012/04/04 02:54:04 | 000,002,679 | ---- | M] () MD5=5DD2704563A6A79C466E44CD966B2655 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hu_HU\Services\Services.asfx
[2012/04/04 02:53:56 | 000,002,711 | ---- | M] () MD5=6B0E7B068BD530B8FCEBC04CC8844AA9 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ja_JP\Services\Services.asfx
[2012/04/04 02:54:08 | 000,002,582 | ---- | M] () MD5=797FC263D59784AD1498560C34FA7DA1 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sl_SI\Services\Services.asfx
[2012/04/04 02:53:56 | 000,002,626 | ---- | M] () MD5=8073B18DC740B965256CE0957E363AC5 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fr_FR\Services\Services.asfx
[2012/04/04 02:54:02 | 000,002,634 | ---- | M] () MD5=912DD5C0C7C8D7572AD598414D56E24A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\pt_BR\Services\Services.asfx
[2012/04/04 02:53:56 | 000,002,655 | ---- | M] () MD5=ABFBB9D0398492D849690C344C1316BB -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\de_DE\Services\Services.asfx
[2012/04/04 02:54:08 | 000,002,638 | ---- | M] () MD5=C2C37202B0E55877A64ADDBDE738284E -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sk_SK\Services\Services.asfx
[2012/04/04 02:54:04 | 000,002,589 | ---- | M] () MD5=C313AD3602D4965A1918E86B9F3E84CF -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\pl_PL\Services\Services.asfx
[2012/04/04 02:54:10 | 000,002,609 | ---- | M] () MD5=C7FA88C21103C70826F274A0E865AEDF -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ca_ES\Services\Services.asfx
[2012/04/04 02:54:10 | 000,002,576 | ---- | M] () MD5=D27D52045EB6A2EE031F7D2EA0349BC3 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\eu_ES\Services\Services.asfx
[2012/04/04 02:54:02 | 000,002,560 | ---- | M] () MD5=D5642B1BFE0A70231D14C11D3D3FD60D -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\da_DK\Services\Services.asfx
[2012/04/04 02:54:08 | 000,002,588 | ---- | M] () MD5=DB216743CDE75637621E2FD39431BBD4 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hr_HR\Services\Services.asfx
[2012/04/04 02:53:58 | 000,002,620 | ---- | M] () MD5=DCF7A8843832327386B81ABD189AC236 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\es_ES\Services\Services.asfx
[2012/04/04 02:54:04 | 000,002,997 | ---- | M] () MD5=DD3F4DAF426555D8D85FF4D7C5A04F37 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ru_RU\Services\Services.asfx
[2010/11/16 01:02:32 | 000,000,228 | R--- | M] () MD5=E09422BE0C7636A7B63A1527C4C1372D -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx
[2012/04/04 02:54:02 | 000,002,599 | ---- | M] () MD5=F09D769A94767C3C7E7015A5C6C99A39 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\Services\Services.asfx
[2012/04/04 02:53:58 | 000,002,628 | ---- | M] () MD5=F844D742DB53C7D671BF7ED6517414D1 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nl_NL\Services\Services.asfx
[2012/04/04 02:53:58 | 000,002,582 | ---- | M] () MD5=FED4BDA3B6A9EB9DB59C254D8C987495 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sv_SE\Services\Services.asfx

< MD5 for: SERVICES.ASFX1 >
[2010/11/16 01:02:32 | 000,000,228 | R--- | M] () MD5=A7B7A4CC1A717292474115CD3A4AC121 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx1

< MD5 for: SERVICES.ASFX10 >
[2010/11/16 01:02:34 | 000,000,233 | R--- | M] () MD5=3382FAB54FC906B0E40269D903A8D690 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx10

< MD5 for: SERVICES.ASFX11 >
[2010/11/16 01:02:26 | 000,000,227 | R--- | M] () MD5=F36865AB3B9813962B7EDBE66FA1C28A -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx11

< MD5 for: SERVICES.ASFX12 >
[2010/11/16 01:02:30 | 000,000,225 | R--- | M] () MD5=9287C7268CC0F37F1DDE18CEBB128685 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx12

< MD5 for: SERVICES.ASFX13 >
[2010/11/16 01:02:30 | 000,000,228 | R--- | M] () MD5=95326C46AC2654AFF5C8543DFE22CCB3 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx13

< MD5 for: SERVICES.ASFX14 >
[2010/11/16 01:02:26 | 000,000,228 | R--- | M] () MD5=14DA84ECAF57B5ADA36B9093FF04CF32 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx14

< MD5 for: SERVICES.ASFX15 >
[2010/11/16 01:02:26 | 000,000,231 | R--- | M] () MD5=CF94F061685A38BABE0BBD463191EDE7 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx15

< MD5 for: SERVICES.ASFX16 >
[2010/11/16 01:02:34 | 000,000,232 | R--- | M] () MD5=B6E63D87C73CED2D6B433C542C5C3965 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx16

< MD5 for: SERVICES.ASFX17 >
[2010/11/16 01:02:34 | 000,000,230 | R--- | M] () MD5=545E97C4F4CEA743A8D86B685EE2EDBB -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx17

< MD5 for: SERVICES.ASFX18 >
[2010/11/16 01:02:24 | 000,000,230 | R--- | M] () MD5=2577B66F38E0DEA25F328DA4A0FED322 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx18

< MD5 for: SERVICES.ASFX19 >
[2010/11/16 01:02:26 | 000,000,225 | R--- | M] () MD5=0A27F1D6595A69800A43CDE155B1E4A0 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx19

< MD5 for: SERVICES.ASFX2 >
[2010/11/16 01:02:36 | 000,000,264 | R--- | M] () MD5=0652D24D4E2799851A6DF1705E2BFFDA -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx2

< MD5 for: SERVICES.ASFX20 >
[2010/11/16 01:02:38 | 000,000,231 | R--- | M] () MD5=C85F2519DC6AECF93F67AA613A320136 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx20

< MD5 for: SERVICES.ASFX21 >
[2010/11/16 01:02:26 | 000,000,231 | R--- | M] () MD5=8C95C0528EA7049A1DFC7A7342461D75 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx21

< MD5 for: SERVICES.ASFX22 >
[2010/11/16 01:02:24 | 000,000,231 | R--- | M] () MD5=9F2731666F5771CC5C1E4EEDC8FB8607 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx22

< MD5 for: SERVICES.ASFX23 >
[2010/11/16 01:02:26 | 000,000,225 | R--- | M] () MD5=0E89BE53F56B22390CF61584B649CE01 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx23

< MD5 for: SERVICES.ASFX24 >
[2010/11/16 01:02:32 | 000,000,229 | R--- | M] () MD5=E57594DB9B9D78AB4B53D34CAFEB8497 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx24

< MD5 for: SERVICES.ASFX25 >
[2010/11/16 01:02:36 | 000,000,232 | R--- | M] () MD5=611CB9CC21D2DDAD711690671F70EF39 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx25

< MD5 for: SERVICES.ASFX3 >
[2010/11/16 01:02:34 | 000,000,229 | R--- | M] () MD5=F9824728970AC8199BABDC9CBA5E038C -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx3

< MD5 for: SERVICES.ASFX4 >
[2010/11/16 01:02:26 | 000,000,226 | R--- | M] () MD5=55EA57D90AE22BDF0132597EF0D7C9C7 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx4

< MD5 for: SERVICES.ASFX5 >
[2010/11/16 01:02:34 | 000,000,233 | R--- | M] () MD5=846C265B751189E88B74F0155DB6B828 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx5

< MD5 for: SERVICES.ASFX6 >
[2010/11/16 01:02:36 | 000,000,231 | R--- | M] () MD5=89BD37C4118540FD5AA8CDD0C24D6C0A -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx6

< MD5 for: SERVICES.ASFX7 >
[2010/11/16 01:02:34 | 000,000,245 | R--- | M] () MD5=0B82FAB8FF5F988C5311DF1144A7D740 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx7

< MD5 for: SERVICES.ASFX8 >
[2010/11/16 01:02:34 | 000,000,231 | R--- | M] () MD5=5226417D3C8206000A8983BDC1243075 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx8

< MD5 for: SERVICES.ASFX9 >
[2010/11/16 01:02:30 | 000,000,234 | R--- | M] () MD5=EBD8D036504F2935675F5F432F076DBA -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx9

< MD5 for: SERVICES.CFG >
[2013/05/10 04:57:30 | 000,558,879 | ---- | M] () MD5=3679F8D3253DC110D1D8F2AE115EE00C -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2010/11/16 01:02:22 | 000,032,633 | R--- | M] () MD5=EA1C35DD541D60819D55482130BD585D -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.cfg

< MD5 for: SERVICES.CSS >
[2010/08/31 17:40:56 | 000,000,093 | ---- | M] () MD5=F15FB82C578490B209442B8C1D5076CC -- C:\ProgramData\Intuit\Quicken\Inet\Common\Localweb\Services\Services.css
[2010/08/31 17:40:56 | 000,000,093 | ---- | M] () MD5=F15FB82C578490B209442B8C1D5076CC -- C:\Users\All Users\Intuit\Quicken\Inet\Common\Localweb\Services\Services.css

< MD5 for: SERVICES.EXE >
[2009/07/13 22:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 22:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2010/11/21 04:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui
[2010/11/21 04:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui

< MD5 for: SERVICES.HTML >
[2013/06/11 13:44:18 | 000,033,542 | ---- | M] () MD5=7E44E509EC9D2F03443B8EB1D485ADA5 -- C:\Users\Izilda\Desktop\Doctor Virtual\Mockup\dv_web_design_ideas\design-HTML-2\services.html

< MD5 for: SERVICES.JSM >
[2012/01/05 08:28:02 | 000,004,403 | ---- | M] () MD5=E17B4B01394865B299FFF1EE42888A44 -- C:\Users\Izilda\Desktop\Temporario\TOR\Tor Browser\FirefoxPortable\App\Firefox\modules\Services.jsm

< MD5 for: SERVICES.LNK >
[2009/07/14 01:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 01:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2009/06/10 17:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009/06/10 17:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof

< MD5 for: SERVICES.MSC >
[2010/11/21 04:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009/06/10 17:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2010/11/21 04:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 18:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2010/11/21 04:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 17:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2010/11/21 04:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 18:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PHP >
[2011/12/25 20:00:00 | 000,003,257 | ---- | M] () MD5=B124E2AAC3529AC9026F9B098E32C10F -- C:\Users\Izilda\Desktop\Applications\WHMCS\modules\reports\services.php

< MD5 for: SERVICES.PTXML >
[2009/07/13 17:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 17:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml

< MD5 for: SERVICES.XML >
[2010/06/28 13:42:00 | 000,000,838 | ---- | M] () MD5=DA6D6BBAB9412B2589D9C869B1F4EAFC -- C:\ProgramData\OrolixCommunicator\etc\cache\services.xml
[2010/06/28 13:42:00 | 000,000,838 | ---- | M] () MD5=DA6D6BBAB9412B2589D9C869B1F4EAFC -- C:\Users\All Users\OrolixCommunicator\etc\cache\services.xml

< MD5 for: SVCHOST.EXE >
[2009/07/13 22:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 22:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 22:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 22:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/21 00:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 00:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 00:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 00:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 00:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 00:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< dir C:\ /S /A:L /C >
Volume in drive C has no label.
Volume Serial Number is 1464-F26B
Directory of C:\
Jul/14/2009 02:08 AM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\Program Files (x86)\Evernote
Aug/29/2011 10:19 PM <SYMLINKD> Evernote3.5 [C:\Program Files (x86)\Evernote\Evernote]
0 File(s) 0 bytes
Directory of C:\ProgramData
Jul/14/2009 02:08 AM <JUNCTION> Application Data [C:\ProgramData]
Jul/14/2009 02:08 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
Jul/14/2009 02:08 AM <JUNCTION> Documents [C:\Users\Public\Documents]
Jul/14/2009 02:08 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
Jul/14/2009 02:08 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
Jul/14/2009 02:08 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
Jul/14/2009 02:08 AM <SYMLINKD> All Users [C:\ProgramData]
Jul/14/2009 02:08 AM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
Jul/14/2009 02:08 AM <JUNCTION> Application Data [C:\ProgramData]
Jul/14/2009 02:08 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
Jul/14/2009 02:08 AM <JUNCTION> Documents [C:\Users\Public\Documents]
Jul/14/2009 02:08 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
Jul/14/2009 02:08 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
Jul/14/2009 02:08 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
Jul/14/2009 02:08 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
Jul/14/2009 02:08 AM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
Jul/14/2009 02:08 AM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
Jul/14/2009 02:08 AM <JUNCTION> My Documents [C:\Users\Default\Documents]
Jul/14/2009 02:08 AM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
Jul/14/2009 02:08 AM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
Jul/14/2009 02:08 AM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
Jul/14/2009 02:08 AM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
Jul/14/2009 02:08 AM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
Jul/14/2009 02:08 AM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
Jul/14/2009 02:08 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
Jul/14/2009 02:08 AM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
Jul/14/2009 02:08 AM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
Jul/14/2009 02:08 AM <JUNCTION> My Music [C:\Users\Default\Music]
Jul/14/2009 02:08 AM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
Jul/14/2009 02:08 AM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Izilda
Jan/14/2012 07:24 PM <JUNCTION> Application Data [C:\Users\Izilda\AppData\Roaming]
Jan/14/2012 07:24 PM <JUNCTION> Cookies [C:\Users\Izilda\AppData\Roaming\Microsoft\Windows\Cookies]
Jan/14/2012 07:24 PM <JUNCTION> Local Settings [C:\Users\Izilda\AppData\Local]
Jan/14/2012 07:24 PM <JUNCTION> My Documents [C:\Users\Izilda\Documents]
Jan/14/2012 07:24 PM <JUNCTION> NetHood [C:\Users\Izilda\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
Jan/14/2012 07:24 PM <JUNCTION> PrintHood [C:\Users\Izilda\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
Jan/14/2012 07:24 PM <JUNCTION> Recent [C:\Users\Izilda\AppData\Roaming\Microsoft\Windows\Recent]
Jan/14/2012 07:24 PM <JUNCTION> SendTo [C:\Users\Izilda\AppData\Roaming\Microsoft\Windows\SendTo]
Jan/14/2012 07:24 PM <JUNCTION> Start Menu [C:\Users\Izilda\AppData\Roaming\Microsoft\Windows\Start Menu]
Jan/14/2012 07:24 PM <JUNCTION> Templates [C:\Users\Izilda\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Izilda\AppData\Local
Jan/14/2012 07:24 PM <JUNCTION> Application Data [C:\Users\Izilda\AppData\Local]
Jan/14/2012 07:24 PM <JUNCTION> History [C:\Users\Izilda\AppData\Local\Microsoft\Windows\History]
Jan/14/2012 07:24 PM <JUNCTION> Temporary Internet Files [C:\Users\Izilda\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Izilda\Documents
Jan/14/2012 07:24 PM <JUNCTION> My Music [C:\Users\Izilda\Music]
Jan/14/2012 07:24 PM <JUNCTION> My Pictures [C:\Users\Izilda\Pictures]
Jan/14/2012 07:24 PM <JUNCTION> My Videos [C:\Users\Izilda\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
Jul/14/2009 02:08 AM <JUNCTION> My Music [C:\Users\Public\Music]
Jul/14/2009 02:08 AM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
Jul/14/2009 02:08 AM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
51 Dir(s) 369,304,305,664 bytes free

< End of report >
  • 0

#22
Andre Silva
Posted 17 July 2013 - 01:07 PM

Andre Silva

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Or this one?

OTL logfile created on: Jul/17/2013 1:22:50 AM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Izilda\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MMM/d/yyyy

7.48 Gb Total Physical Memory | 4.97 Gb Available Physical Memory | 66.41% Memory free
14.96 Gb Paging File | 11.58 Gb Available in Paging File | 77.41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 578.92 Gb Total Space | 342.37 Gb Free Space | 59.14% Space Free | Partition Type: NTFS
Drive D: | 16.96 Gb Total Space | 1.86 Gb Free Space | 10.95% Space Free | Partition Type: NTFS
Drive E: | 3.42 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 99.34 Mb Total Space | 89.20 Mb Free Space | 89.79% Space Free | Partition Type: FAT32

Computer Name: IZILDA-HP | User Name: Izilda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/07/12 15:49:47 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/07/09 23:13:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Izilda\Desktop\OTL (1).exe
PRC - [2013/07/02 00:07:37 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
PRC - [2013/05/23 10:48:10 | 000,410,152 | ---- | M] (GAS Tecnologia) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe
PRC - [2013/04/23 04:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013/03/08 20:06:41 | 000,102,400 | ---- | M] ( ) -- C:\Program Files (x86)\Vono\Vono\Vono Manager.exe
PRC - [2012/11/27 21:12:44 | 000,479,840 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
PRC - [2012/11/27 21:08:28 | 000,739,936 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
PRC - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
PRC - [2012/02/21 17:53:08 | 000,232,616 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
PRC - [2011/10/05 09:08:16 | 000,032,672 | ---- | M] (Orolix Desenvolvimento de Software LTDA.) -- C:\Program Files (x86)\TIM Communicator\module\devicemon.exe
PRC - [2011/08/19 16:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2011/07/11 16:04:44 | 000,574,008 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2011/07/11 16:04:44 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/05/23 13:45:58 | 001,098,296 | ---- | M] (Hewlett-Packard Development Company L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
PRC - [2011/03/22 15:42:40 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/03/14 12:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2011/02/18 02:48:24 | 000,265,544 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
PRC - [2011/02/18 02:48:12 | 000,642,888 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
PRC - [2011/02/18 02:47:58 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
PRC - [2010/11/26 11:09:12 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
PRC - [2010/04/23 16:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/23 16:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2009/07/27 15:54:14 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\Izilda\AppData\Roaming\VIVO INTERNET\ouc.exe
PRC - [2003/05/08 14:00:58 | 000,049,152 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\opwareSE2.exe


========== Modules (No Company Name) ==========

MOD - [2013/07/12 15:49:44 | 000,396,240 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppgooglenaclpluginchrome.dll
MOD - [2013/07/12 15:49:42 | 004,052,944 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll
MOD - [2013/07/12 15:48:52 | 000,601,552 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\libglesv2.dll
MOD - [2013/07/12 15:48:51 | 000,123,344 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\libegl.dll
MOD - [2013/07/12 15:48:49 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ffmpegsumo.dll
MOD - [2013/05/26 12:53:32 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2012/11/28 13:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/11/28 13:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/08/17 21:38:56 | 000,479,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\dblite.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/05/27 02:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/03/26 18:13:08 | 000,230,416 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe -- (NitroReaderDriverReadSpool3)
SRV:64bit: - [2012/09/11 02:34:39 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2012/02/08 00:21:04 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2012/02/08 00:21:03 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2011/09/15 20:12:12 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/05/13 20:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011/04/02 03:06:22 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010/10/11 06:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 22:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2013/07/04 15:53:48 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/07/02 00:07:37 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe -- (AVP)
SRV - [2013/06/21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/23 10:48:10 | 000,410,152 | ---- | M] (GAS Tecnologia) [Auto | Running] -- C:\Program Files (x86)\GbPlugin\gbpsv.exe -- (GbpSv)
SRV - [2013/04/23 04:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/03/08 20:06:41 | 000,102,400 | ---- | M] ( ) [Auto | Running] -- C:\Program Files (x86)\Vono\Vono\Vono Manager.exe -- (Vono_Manager)
SRV - [2012/11/27 21:12:44 | 000,479,840 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2012/09/27 10:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/05 09:08:16 | 000,032,672 | ---- | M] (Orolix Desenvolvimento de Software LTDA.) [Auto | Running] -- C:\Program Files (x86)\TIM Communicator\module\devicemon.exe -- (OrolixDeviceMonitor)
SRV - [2011/07/11 16:04:44 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2011/05/23 13:45:58 | 001,098,296 | ---- | M] (Hewlett-Packard Development Company L.P.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2011/03/14 12:27:34 | 000,346,976 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe)
SRV - [2011/03/07 21:43:30 | 002,375,168 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/02/18 02:48:24 | 000,265,544 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2010/11/26 11:09:12 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)
SRV - [2010/10/12 14:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/06/25 14:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2010/03/18 17:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/07/02 00:35:29 | 000,178,448 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:64bit: - [2013/07/02 00:35:28 | 000,620,128 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2013/07/02 00:35:28 | 000,054,368 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/10/25 15:51:44 | 000,029,528 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2012/10/25 15:51:44 | 000,029,016 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:64bit: - [2012/08/23 11:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 11:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 11:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/02 15:09:34 | 000,028,504 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2012/06/19 17:28:12 | 000,458,584 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2012/03/26 13:50:12 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2012/03/01 03:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/08 00:21:04 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/12/02 13:23:22 | 000,223,744 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys -- (huawei_wwanecm)
DRV:64bit: - [2011/10/14 05:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/09/15 20:51:12 | 010,206,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/09/15 19:38:42 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/09/09 10:51:02 | 000,028,672 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV:64bit: - [2011/09/09 10:51:00 | 000,098,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV:64bit: - [2011/09/09 10:51:00 | 000,087,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2011/08/29 21:58:09 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/08/29 21:58:09 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/07/22 13:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/19 12:19:16 | 001,492,992 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2011/07/12 18:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/06/10 07:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/13 20:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 20:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/04/15 18:37:50 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/04/15 18:37:50 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011/03/24 21:20:36 | 000,337,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011/03/18 02:04:20 | 000,188,544 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdxhc.sys -- (amdxhc)
DRV:64bit: - [2011/03/18 02:04:18 | 000,087,168 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdhub30.sys -- (amdhub30)
DRV:64bit: - [2010/12/16 05:06:46 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/21 00:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/21 00:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/17 14:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/07/28 13:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/07/27 08:52:16 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2010/06/25 14:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2010/03/20 11:06:58 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV:64bit: - [2010/02/18 13:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 18:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 18:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 18:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 17:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 17:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/05/08 09:52:48 | 000,049,536 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\gbpkm.sys -- (GbpKm)
DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{5D1E3CEC-F39F-465A-8D86-A8981406F57E}: "URL" = http://www.amazon.co...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{5D1E3CEC-F39F-465A-8D86-A8981406F57E}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...searchTerms}&r=
IE - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\..\SearchScopes\{5D1E3CEC-F39F-465A-8D86-A8981406F57E}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...urceid=ie7&rlz=
IE - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B87F8774F-B485-47E2-A755-A40A8A5E886D%7D:3.2.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Izilda\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Izilda\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Izilda\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Izilda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\gastecnologia.com.br/sf/bb: C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
FF - HKCU\Software\MozillaPlugins\gastecnologia.com.br/sf/cef: C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2013/07/02 00:35:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2013/07/02 00:35:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2013/07/02 00:35:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2013/07/02 00:35:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2013/07/02 00:35:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{87F8774F-B485-47E2-A755-A40A8A5E886D}: C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\cef\xpi [2013/06/19 15:30:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{87F8774F-B485-47E2-A755-A40A8A5E886C}: C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\bb\sf.xpi [2013/07/16 11:08:33 | 000,013,596 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/09/19 21:15:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Izilda\AppData\Roaming\Mozilla\Extensions
[2013/07/16 20:47:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Izilda\AppData\Roaming\Mozilla\Firefox\Profiles\rpnqexf8.default-1350958851994\extensions
[2013/05/28 01:22:44 | 000,000,000 | ---D | M] (Guardiao Itau Unibanco) -- C:\Users\Izilda\AppData\Roaming\Mozilla\Firefox\Profiles\rpnqexf8.default-1350958851994\extensions\{87F8774F-B485-47E2-A755-A40A8A5E8873}
[2013/07/04 15:53:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/07/04 15:53:43 | 000,000,000 | ---D | M] (TrueSuite Website Logon) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2013/07/04 15:53:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/07/04 15:53:49 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/06/19 15:30:43 | 000,000,000 | ---D | M] (Modulo de Protecao - Caixa Economica Federal) -- C:\USERS\IZILDA\APPDATA\LOCAL\GAS TECNOLOGIA\GBBD\CEF\XPI

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Nitro PDF Plug-In (Enabled) = C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Izilda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Website Logon = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe\1.0_0\
CHR - Extension: Google Docs = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Kaspersky URL Advisor = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0\
CHR - Extension: Safe Money = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0\
CHR - Extension: Content Blocker = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0\
CHR - Extension: Virtual Keyboard = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_0\
CHR - Extension: GBBD Caixa Economica Federal = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnjbodopomfddehlalfilheomcahbpei\3.2.0_0\
CHR - Extension: GBBD Banco do Brasil = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh\3.0.0_0\
CHR - Extension: Gmail = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Anti-Banner = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0\

O1 HOSTS File: ([2013/07/16 22:39:31 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2:64bit: - BHO: (4sharedExt) - {95525BD9-6136-4A26-8263-9CEE295D442D} - C:\Program Files (x86)\4shared Toolbar\4sharedExt64.dll File not found
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files (x86)\OpenSubtitlesPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" File not found
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [OPSE reminder] C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [OpwareSE2] C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\OpwareSE2.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3190529940-644357419-2377663512-1001..\Run: [ALLUpdate] C:\Program Files (x86)\OpenSubtitlesPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-3190529940-644357419-2377663512-1001..\Run: [Facebook Update] C:\Users\Izilda\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-3190529940-644357419-2377663512-1001..\Run: [HW_OPENEYE_OUC_VIVO INTERNET] C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
O4 - HKU\S-1-5-21-3190529940-644357419-2377663512-1001..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-3190529940-644357419-2377663512-1001..\Run: [Vidalia] "C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\vidalia.exe" File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Adicionar ao Antibanner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ie_banner_deny.htm ()
O8:64bit: - Extra context menu item: Advanced Email Extractor - res://C:\Program%20Files%20%28x86%29\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/page.html File not found
O8:64bit: - Extra context menu item: Scan link with AEE - res://C:\Program%20Files%20%28x86%29\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/link.html File not found
O8 - Extra context menu item: Adicionar ao Antibanner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ie_banner_deny.htm ()
O8 - Extra context menu item: Advanced Email Extractor - res://C:\Program%20Files%20%28x86%29\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/page.html File not found
O8 - Extra context menu item: Scan link with AEE - res://C:\Program%20Files%20%28x86%29\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/link.html File not found
O9:64bit: - Extra Button: Teclado Virtual - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Verificaçăo de URLs - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Teclado Virtual - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: Verificaçăo de URLs - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\..Trusted Domains: bancobrasil.com.br ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\..Trusted Domains: bancobrasil.com.br ([www14] * in Trusted sites)
O15 - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\..Trusted Domains: bancobrasil.com.br ([www2] * in Trusted sites)
O15 - HKU\S-1-5-21-3190529940-644357419-2377663512-1001\..Trusted Domains: bb.com.br ([www] * in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 189.4.64.82 189.4.64.87 201.6.4.116
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0211F5D2-0B48-4A83-8097-2D3C20677B0B}: DhcpNameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{894FB0E4-5432-4A2A-B791-AB7238B6F4E2}: DhcpNameServer = 200.142.132.32 200.220.227.57
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8DD97968-7B59-48B2-AA1F-E19CF22C8A45}: DhcpNameServer = 200.142.132.32 200.220.227.57
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E66EA923-D0B8-4739-A6C2-1045AE207BFE}: DhcpNameServer = 189.4.64.82 189.4.64.87 201.6.4.116
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\Program Files (x86)\GbPlugin\gbieh.dll) - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/07/16 23:12:04 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Izilda\Desktop\aswMBR.exe
[2013/07/16 21:00:24 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{33615BDC-8917-4512-AE0F-757124B44CE8}
[2013/07/16 20:46:30 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/07/16 20:31:44 | 000,000,000 | ---D | C] -- C:\adobeTemp
[2013/07/16 20:11:25 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/07/16 11:07:26 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2013/07/16 10:56:52 | 000,031,088 | ---- | C] (GbPlugin NDIS Device Driver) -- C:\Windows\SysWow64\drivers\gbpndisrd.sys
[2013/07/16 04:13:46 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{78A4EC10-3130-4748-8172-374730F18B25}
[2013/07/15 21:47:38 | 000,000,000 | ---D | C] -- C:\Users\Izilda\Desktop\Pri Netbook
[2013/07/15 16:13:34 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{F542D360-97A9-4B71-A44E-32EEB6BE87BE}
[2013/07/14 21:16:08 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{7F376A60-8057-4975-82C9-180BA8408DAA}
[2013/07/13 10:24:33 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{709002C6-B7E9-4A29-8A0D-2040B4508917}
[2013/07/12 13:25:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/07/12 13:24:40 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/07/12 13:24:34 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/07/12 13:24:34 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/07/12 13:24:34 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/07/12 13:24:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013/07/11 11:16:08 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{E9036531-A395-48A3-B556-A01C5105455D}
[2013/07/11 09:54:20 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/07/11 09:54:20 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/07/11 09:54:18 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/07/11 09:54:18 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/07/11 09:54:18 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/07/11 09:54:18 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/07/11 09:54:18 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/07/11 09:54:18 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/07/11 09:54:18 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/07/11 09:54:18 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/07/11 09:54:18 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/07/11 09:54:16 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/07/11 09:54:15 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/07/11 09:54:15 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/07/11 09:54:14 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/07/10 11:09:17 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{DD55C85F-92B9-4220-BD77-13277D5A5792}
[2013/07/10 03:06:09 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2013/07/10 03:06:09 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2013/07/10 03:06:05 | 001,887,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013/07/10 03:06:04 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013/07/10 03:04:56 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/07/09 23:12:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Izilda\Desktop\OTL (1).exe
[2013/07/09 13:46:02 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{B25A8061-FCC9-4919-B44A-070025B01448}
[2013/07/08 22:59:39 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{53856E5D-9584-47D1-9631-DE0605A13B5E}
[2013/07/07 21:12:27 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{B7510D62-D963-4EAF-B157-4783E7A3153A}
[2013/07/06 00:05:05 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{4150692B-F6FB-41F4-9145-C5641930319D}
[2013/07/05 14:32:45 | 000,000,000 | ---D | C] -- C:\Users\Izilda\Desktop\beatriz
[2013/07/05 11:21:49 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{AB2FF86A-C266-47AC-BCBB-EBD57A5D516D}
[2013/07/04 15:53:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/07/03 09:01:50 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{3B7F2930-D7BD-4C60-9B5F-A050AF7C0C45}
[2013/07/02 01:33:44 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{8D726334-3E79-4320-B0E4-1C9C5EC5FBA5}
[2013/07/02 00:42:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2013
[2013/07/01 23:50:48 | 000,064,856 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\klfphc.dll
[2013/07/01 23:49:58 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP
[2013/07/01 23:49:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013/07/01 23:49:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2013/07/01 23:49:35 | 000,620,128 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys
[2013/07/01 23:49:35 | 000,090,208 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klflt.sys
[2013/07/01 10:38:19 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{A0CF4E07-E9D0-4993-A759-16D96CB11B34}
[2013/06/29 11:30:39 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{49C35701-B107-49A4-B352-9E7DF7BBB4D6}
[2013/06/28 10:18:39 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{BC767DF4-05C2-41AF-BF2D-C211199EB61F}
[2013/06/27 18:33:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SecurityXploded
[2013/06/27 18:05:25 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{B8B60196-80CC-49A8-B6A0-DDBDBE0E26C4}
[2013/06/26 13:35:45 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{B4E8753A-8D27-4248-8129-6C5F98EDCA27}
[2013/06/25 11:22:07 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{CC2ED4AF-446C-4B8F-B5BD-35B945E06310}
[2013/06/24 22:36:03 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{259D12F7-8180-49B2-BB90-0C304CEB1436}
[2013/06/19 15:49:41 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Roaming\Nitro
[2013/06/19 15:49:41 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Roaming\FileOpen
[2013/06/19 15:49:41 | 000,000,000 | ---D | C] -- C:\ProgramData\FileOpen
[2013/06/19 15:48:42 | 000,029,712 | ---- | C] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalmon2.dll
[2013/06/19 15:48:42 | 000,017,936 | ---- | C] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalui2.dll
[2013/06/19 15:48:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro
[2013/06/19 15:48:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Nitro
[2013/06/19 15:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro
[2013/06/19 15:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nitro
[2013/06/19 15:30:43 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\GAS Tecnologia
[2013/06/19 15:30:43 | 000,000,000 | ---D | C] -- C:\ProgramData\GAS Tecnologia
[2013/06/17 12:00:08 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{D73F723A-F813-4EC8-9DF9-03D27FD7F101}

========== Files - Modified Within 30 Days ==========

[2013/07/17 00:53:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA.job
[2013/07/17 00:49:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/16 23:57:33 | 000,000,512 | ---- | M] () -- C:\Users\Izilda\Desktop\MBR.dat
[2013/07/16 23:12:39 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Izilda\Desktop\aswMBR.exe
[2013/07/16 22:55:03 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA.job
[2013/07/16 22:52:05 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/16 22:52:05 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/16 22:42:29 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/16 22:42:04 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2013/07/16 22:41:57 | 000,031,088 | ---- | M] (GbPlugin NDIS Device Driver) -- C:\Windows\SysWow64\drivers\gbpndisrd.sys
[2013/07/16 22:41:57 | 000,010,266 | ---- | M] () -- C:\Windows\SysWow64\drivers\ndisrd.cat
[2013/07/16 22:41:57 | 000,003,641 | ---- | M] () -- C:\Windows\SysWow64\drivers\ndisrd.inf
[2013/07/16 22:41:57 | 000,001,814 | ---- | M] () -- C:\Windows\SysWow64\drivers\ndisrd_m.inf
[2013/07/16 22:41:57 | 000,001,402 | ---- | M] () -- C:\Windows\SysWow64\drivers\gas.cer
[2013/07/16 22:41:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/16 22:41:46 | 1728,237,567 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/16 22:39:31 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2013/07/16 21:03:32 | 000,459,264 | ---- | M] () -- C:\Users\Izilda\Desktop\CKScanner.exe
[2013/07/16 15:53:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core.job
[2013/07/16 10:48:29 | 000,012,739 | ---- | M] () -- C:\Users\Izilda\AppData\Roaming\unins001.dat
[2013/07/16 10:48:21 | 000,720,082 | ---- | M] () -- C:\Users\Izilda\AppData\Roaming\unins001.exe
[2013/07/16 01:55:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core.job
[2013/07/13 19:31:06 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/07/13 19:31:06 | 000,660,318 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/07/13 19:31:06 | 000,121,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/07/13 11:04:26 | 000,001,456 | ---- | M] () -- C:\Users\Izilda\AppData\Local\Adobe Save for Web 12.0 Prefs
[2013/07/13 10:53:34 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/07/12 13:24:26 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/07/12 13:24:26 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/07/12 13:24:26 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/07/12 13:24:25 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013/07/12 13:24:25 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/07/11 23:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\Regwork.job
[2013/07/11 21:01:25 | 000,000,132 | ---- | M] () -- C:\Users\Izilda\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2013/07/11 10:02:26 | 005,000,304 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/07/11 09:58:23 | 000,246,207 | ---- | M] () -- C:\Users\Izilda\.ranktracker.properties
[2013/07/09 23:13:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Izilda\Desktop\OTL (1).exe
[2013/07/04 17:17:07 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForIZILDA-HP$.job
[2013/07/03 11:48:42 | 000,004,096 | -H-- | M] () -- C:\Users\Izilda\AppData\Local\keyfile3.drm
[2013/07/02 01:44:43 | 000,001,292 | ---- | M] () -- C:\Users\Izilda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2013/07/02 01:41:53 | 000,000,866 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2013/07/02 00:43:20 | 000,002,277 | ---- | M] () -- C:\Users\Izilda\Desktop\Banca Segura.lnk
[2013/07/02 00:35:29 | 000,178,448 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kneps.sys
[2013/07/02 00:35:28 | 000,620,128 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys
[2013/07/02 00:35:28 | 000,054,368 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kltdi.sys
[2013/07/02 00:35:27 | 000,090,208 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klflt.sys
[2013/07/02 00:08:55 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/07/01 23:50:49 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk
[2013/07/01 10:18:36 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForIzilda.job
[2013/06/25 02:11:26 | 000,773,050 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/06/19 15:48:40 | 000,002,003 | ---- | M] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2013/06/19 15:30:45 | 000,012,679 | ---- | M] () -- C:\Users\Izilda\AppData\Roaming\unins000.dat
[2013/06/19 15:30:42 | 000,720,594 | ---- | M] () -- C:\Users\Izilda\AppData\Roaming\unins000.exe
[2013/06/17 15:01:52 | 000,183,185 | ---- | M] () -- C:\Users\Izilda\.spyglass.properties

========== Files Created - No Company Name ==========

[2013/07/16 23:57:33 | 000,000,512 | ---- | C] () -- C:\Users\Izilda\Desktop\MBR.dat
[2013/07/16 21:03:27 | 000,459,264 | ---- | C] () -- C:\Users\Izilda\Desktop\CKScanner.exe
[2013/07/16 10:56:52 | 000,010,266 | ---- | C] () -- C:\Windows\SysWow64\drivers\ndisrd.cat
[2013/07/16 10:56:52 | 000,003,641 | ---- | C] () -- C:\Windows\SysWow64\drivers\ndisrd.inf
[2013/07/16 10:56:52 | 000,001,814 | ---- | C] () -- C:\Windows\SysWow64\drivers\ndisrd_m.inf
[2013/07/16 10:56:52 | 000,001,402 | ---- | C] () -- C:\Windows\SysWow64\drivers\gas.cer
[2013/07/16 10:48:25 | 000,720,082 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\unins001.exe
[2013/07/16 10:48:25 | 000,012,739 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\unins001.dat
[2013/07/02 00:43:20 | 000,002,277 | ---- | C] () -- C:\Users\Izilda\Desktop\Banca Segura.lnk
[2013/07/02 00:42:08 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk
[2013/06/19 15:48:40 | 000,002,003 | ---- | C] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2013/06/19 15:48:39 | 000,002,499 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk
[2013/06/19 15:30:43 | 000,720,594 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\unins000.exe
[2013/06/19 15:30:43 | 000,012,679 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\unins000.dat
[2013/05/30 22:17:35 | 000,183,185 | ---- | C] () -- C:\Users\Izilda\.spyglass.properties
[2013/05/08 00:04:57 | 000,009,327 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\Comma Separated Values (Windows).EML
[2013/03/30 00:41:17 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013/03/30 00:41:17 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2013/01/15 21:45:21 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\CCSETX64.SYS
[2012/12/24 19:41:11 | 000,009,330 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\Microsoft Excel 97-2003.EML
[2012/11/17 01:07:04 | 000,149,504 | ---- | C] () -- C:\Windows\UNWISE.EXE
[2012/11/12 22:20:34 | 000,000,892 | ---- | C] () -- C:\Users\Izilda\AppData\Local\recently-used.xbel
[2012/10/15 13:50:32 | 000,004,096 | -H-- | C] () -- C:\Users\Izilda\AppData\Local\keyfile3.drm
[2012/09/26 16:32:48 | 000,000,132 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/09/24 00:32:08 | 000,001,456 | ---- | C] () -- C:\Users\Izilda\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012/09/22 01:29:31 | 000,000,132 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2012/09/20 03:19:56 | 000,246,207 | ---- | C] () -- C:\Users\Izilda\.ranktracker.properties
[2012/04/28 23:18:27 | 000,000,176 | ---- | C] () -- C:\Windows\REC-NET.INI
[2012/03/19 20:10:17 | 000,014,012 | ---- | C] () -- C:\Windows\hplj1010.ini
[2012/02/18 21:17:24 | 000,000,074 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2012/02/05 22:37:15 | 000,014,119 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2012/01/23 21:10:15 | 000,000,556 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2012/01/14 19:37:01 | 000,000,477 | ---- | C] () -- C:\Users\Izilda\Desktop.lnk
[2011/10/06 14:22:31 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/10/06 14:14:52 | 000,773,050 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/10/06 14:02:42 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/08/29 22:40:04 | 000,000,068 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat

========== ZeroAccess Check ==========

[2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 02:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 01:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 00:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/02/01 08:02:45 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013/02/01 08:02:45 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2013/01/05 23:59:11 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Ashampoo
[2012/01/15 20:24:30 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Blio
[2012/12/16 22:50:18 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/06/19 15:36:34 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Downloaded Installations
[2013/06/19 15:49:41 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\FileOpen
[2013/06/14 02:05:55 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\FileZilla
[2013/03/15 17:16:39 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\MP3SkypeRecorder
[2013/06/19 15:49:41 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Nitro
[2013/07/16 14:11:52 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Nitro PDF
[2013/05/06 17:14:57 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Oracle
[2013/06/28 15:58:22 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\PrimoPDF
[2012/01/23 21:10:22 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\ScanSoft
[2013/01/07 14:45:38 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/04/15 00:38:25 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Stellarium
[2012/01/14 19:39:13 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Synaptics
[2013/03/06 10:38:30 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\TeamViewer
[2012/09/19 02:18:29 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Thunderbird
[2013/01/15 21:45:05 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\TuneUp Software
[2012/12/15 10:30:12 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\VIVO INTERNET
[2013/03/08 20:13:09 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Vono
[2012/09/20 02:19:18 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\WildTangent
[2012/02/11 23:45:01 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



========== Custom Scans ==========

========== Base Services ==========
SRV:64bit: - [2009/07/13 22:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2013/02/27 02:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/13 22:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010/11/21 00:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/21 00:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2011/11/17 03:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/13 22:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 22:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/04 19:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2013/05/13 02:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013/05/13 01:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/21 00:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/21 00:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/21 00:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011/08/29 21:52:51 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/13 22:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/13 22:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 22:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/07/13 22:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010/11/21 00:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009/07/13 22:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/13 22:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/13 22:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/13 22:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/13 22:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012/10/03 14:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009/07/13 22:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011/05/24 08:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/02/11 03:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2011/11/17 03:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009/07/13 22:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010/11/21 00:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/21 00:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/21 00:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2011/11/17 03:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/07/13 22:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010/11/21 00:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/21 00:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/21 00:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010/11/21 00:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/21 00:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/21 00:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/13 22:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/05/01 02:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/21 00:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/21 00:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/21 00:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/21 00:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2013/05/27 02:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/11/21 00:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/21 00:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/21 00:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/21 00:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/21 00:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/07/13 22:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012/06/02 19:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010/11/21 00:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/13 22:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010/11/21 00:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/08/29 21:53:47 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/08/29 21:53:47 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/08/29 21:53:47 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/08/29 21:53:47 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 00:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/08/29 21:53:47 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/08/29 21:53:47 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 00:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: SERVICES >
[2009/06/10 18:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services

< MD5 for: SERVICES.ASFX >
[2012/04/04 02:54:08 | 000,002,637 | ---- | M] () MD5=016DFC4F3F133AE19338EECD1924886A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ro_RO\Services\Services.asfx
[2012/04/04 02:54:08 | 000,002,970 | ---- | M] () MD5=05A68D76420994EF8DF33184BFA98E04 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\uk_UA\Services\Services.asfx
[2012/04/04 02:54:04 | 000,002,555 | ---- | M] () MD5=272301585AC133486E70228DA27659AC -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_TW\Services\Services.asfx
[2012/04/04 02:54:02 | 000,002,562 | ---- | M] () MD5=27CE9BD3209B549BB776B8C877455A91 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nb_NO\Services\Services.asfx
[2012/04/04 02:54:02 | 000,002,632 | ---- | M] () MD5=2998A4AE8D0EF5122CCB985CF7E9D9D3 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ko_KR\Services\Services.asfx
[2012/04/04 02:54:02 | 000,002,545 | ---- | M] () MD5=2EEC9DDBD0B4EE5F65532322C383938A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_CN\Services\Services.asfx
[2012/04/04 02:54:04 | 000,002,629 | ---- | M] () MD5=3A0082D76426A87FB4937D426C491C10 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\cs_CZ\Services\Services.asfx
[2012/04/04 02:54:04 | 000,002,590 | ---- | M] () MD5=448953BD0CF26CE03D9E7CC1A7B278BC -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\tr_TR\Services\Services.asfx
[2012/04/04 02:53:58 | 000,002,605 | ---- | M] () MD5=5A2C5D0DA3EAAB2AA77F16947D0E14FF -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\it_IT\Services\Services.asfx
[2012/04/04 02:54:04 | 000,002,679 | ---- | M] () MD5=5DD2704563A6A79C466E44CD966B2655 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hu_HU\Services\Services.asfx
[2012/04/04 02:53:56 | 000,002,711 | ---- | M] () MD5=6B0E7B068BD530B8FCEBC04CC8844AA9 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ja_JP\Services\Services.asfx
[2012/04/04 02:54:08 | 000,002,582 | ---- | M] () MD5=797FC263D59784AD1498560C34FA7DA1 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sl_SI\Services\Services.asfx
[2012/04/04 02:53:56 | 000,002,626 | ---- | M] () MD5=8073B18DC740B965256CE0957E363AC5 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fr_FR\Services\Services.asfx
[2012/04/04 02:54:02 | 000,002,634 | ---- | M] () MD5=912DD5C0C7C8D7572AD598414D56E24A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\pt_BR\Services\Services.asfx
[2012/04/04 02:53:56 | 000,002,655 | ---- | M] () MD5=ABFBB9D0398492D849690C344C1316BB -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\de_DE\Services\Services.asfx
[2012/04/04 02:54:08 | 000,002,638 | ---- | M] () MD5=C2C37202B0E55877A64ADDBDE738284E -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sk_SK\Services\Services.asfx
[2012/04/04 02:54:04 | 000,002,589 | ---- | M] () MD5=C313AD3602D4965A1918E86B9F3E84CF -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\pl_PL\Services\Services.asfx
[2012/04/04 02:54:10 | 000,002,609 | ---- | M] () MD5=C7FA88C21103C70826F274A0E865AEDF -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ca_ES\Services\Services.asfx
[2012/04/04 02:54:10 | 000,002,576 | ---- | M] () MD5=D27D52045EB6A2EE031F7D2EA0349BC3 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\eu_ES\Services\Services.asfx
[2012/04/04 02:54:02 | 000,002,560 | ---- | M] () MD5=D5642B1BFE0A70231D14C11D3D3FD60D -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\da_DK\Services\Services.asfx
[2012/04/04 02:54:08 | 000,002,588 | ---- | M] () MD5=DB216743CDE75637621E2FD39431BBD4 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hr_HR\Services\Services.asfx
[2012/04/04 02:53:58 | 000,002,620 | ---- | M] () MD5=DCF7A8843832327386B81ABD189AC236 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\es_ES\Services\Services.asfx
[2012/04/04 02:54:04 | 000,002,997 | ---- | M] () MD5=DD3F4DAF426555D8D85FF4D7C5A04F37 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ru_RU\Services\Services.asfx
[2010/11/16 01:02:32 | 000,000,228 | R--- | M] () MD5=E09422BE0C7636A7B63A1527C4C1372D -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx
[2012/04/04 02:54:02 | 000,002,599 | ---- | M] () MD5=F09D769A94767C3C7E7015A5C6C99A39 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\Services\Services.asfx
[2012/04/04 02:53:58 | 000,002,628 | ---- | M] () MD5=F844D742DB53C7D671BF7ED6517414D1 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nl_NL\Services\Services.asfx
[2012/04/04 02:53:58 | 000,002,582 | ---- | M] () MD5=FED4BDA3B6A9EB9DB59C254D8C987495 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sv_SE\Services\Services.asfx

< MD5 for: SERVICES.ASFX1 >
[2010/11/16 01:02:32 | 000,000,228 | R--- | M] () MD5=A7B7A4CC1A717292474115CD3A4AC121 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx1

< MD5 for: SERVICES.ASFX10 >
[2010/11/16 01:02:34 | 000,000,233 | R--- | M] () MD5=3382FAB54FC906B0E40269D903A8D690 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx10

< MD5 for: SERVICES.ASFX11 >
[2010/11/16 01:02:26 | 000,000,227 | R--- | M] () MD5=F36865AB3B9813962B7EDBE66FA1C28A -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx11

< MD5 for: SERVICES.ASFX12 >
[2010/11/16 01:02:30 | 000,000,225 | R--- | M] () MD5=9287C7268CC0F37F1DDE18CEBB128685 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx12

< MD5 for: SERVICES.ASFX13 >
[2010/11/16 01:02:30 | 000,000,228 | R--- | M] () MD5=95326C46AC2654AFF5C8543DFE22CCB3 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx13

< MD5 for: SERVICES.ASFX14 >
[2010/11/16 01:02:26 | 000,000,228 | R--- | M] () MD5=14DA84ECAF57B5ADA36B9093FF04CF32 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx14

< MD5 for: SERVICES.ASFX15 >
[2010/11/16 01:02:26 | 000,000,231 | R--- | M] () MD5=CF94F061685A38BABE0BBD463191EDE7 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx15

< MD5 for: SERVICES.ASFX16 >
[2010/11/16 01:02:34 | 000,000,232 | R--- | M] () MD5=B6E63D87C73CED2D6B433C542C5C3965 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx16

< MD5 for: SERVICES.ASFX17 >
[2010/11/16 01:02:34 | 000,000,230 | R--- | M] () MD5=545E97C4F4CEA743A8D86B685EE2EDBB -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx17

< MD5 for: SERVICES.ASFX18 >
[2010/11/16 01:02:24 | 000,000,230 | R--- | M] () MD5=2577B66F38E0DEA25F328DA4A0FED322 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx18

< MD5 for: SERVICES.ASFX19 >
[2010/11/16 01:02:26 | 000,000,225 | R--- | M] () MD5=0A27F1D6595A69800A43CDE155B1E4A0 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx19

< MD5 for: SERVICES.ASFX2 >
[2010/11/16 01:02:36 | 000,000,264 | R--- | M] () MD5=0652D24D4E2799851A6DF1705E2BFFDA -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx2

< MD5 for: SERVICES.ASFX20 >
[2010/11/16 01:02:38 | 000,000,231 | R--- | M] () MD5=C85F2519DC6AECF93F67AA613A320136 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx20

< MD5 for: SERVICES.ASFX21 >
[2010/11/16 01:02:26 | 000,000,231 | R--- | M] () MD5=8C95C0528EA7049A1DFC7A7342461D75 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx21

< MD5 for: SERVICES.ASFX22 >
[2010/11/16 01:02:24 | 000,000,231 | R--- | M] () MD5=9F2731666F5771CC5C1E4EEDC8FB8607 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx22

< MD5 for: SERVICES.ASFX23 >
[2010/11/16 01:02:26 | 000,000,225 | R--- | M] () MD5=0E89BE53F56B22390CF61584B649CE01 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx23

< MD5 for: SERVICES.ASFX24 >
[2010/11/16 01:02:32 | 000,000,229 | R--- | M] () MD5=E57594DB9B9D78AB4B53D34CAFEB8497 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx24

< MD5 for: SERVICES.ASFX25 >
[2010/11/16 01:02:36 | 000,000,232 | R--- | M] () MD5=611CB9CC21D2DDAD711690671F70EF39 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx25

< MD5 for: SERVICES.ASFX3 >
[2010/11/16 01:02:34 | 000,000,229 | R--- | M] () MD5=F9824728970AC8199BABDC9CBA5E038C -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx3

< MD5 for: SERVICES.ASFX4 >
[2010/11/16 01:02:26 | 000,000,226 | R--- | M] () MD5=55EA57D90AE22BDF0132597EF0D7C9C7 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx4

< MD5 for: SERVICES.ASFX5 >
[2010/11/16 01:02:34 | 000,000,233 | R--- | M] () MD5=846C265B751189E88B74F0155DB6B828 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx5

< MD5 for: SERVICES.ASFX6 >
[2010/11/16 01:02:36 | 000,000,231 | R--- | M] () MD5=89BD37C4118540FD5AA8CDD0C24D6C0A -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx6

< MD5 for: SERVICES.ASFX7 >
[2010/11/16 01:02:34 | 000,000,245 | R--- | M] () MD5=0B82FAB8FF5F988C5311DF1144A7D740 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx7

< MD5 for: SERVICES.ASFX8 >
[2010/11/16 01:02:34 | 000,000,231 | R--- | M] () MD5=5226417D3C8206000A8983BDC1243075 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx8

< MD5 for: SERVICES.ASFX9 >
[2010/11/16 01:02:30 | 000,000,234 | R--- | M] () MD5=EBD8D036504F2935675F5F432F076DBA -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx9

< MD5 for: SERVICES.CFG >
[2013/05/10 04:57:30 | 000,558,879 | ---- | M] () MD5=3679F8D3253DC110D1D8F2AE115EE00C -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2010/11/16 01:02:22 | 000,032,633 | R--- | M] () MD5=EA1C35DD541D60819D55482130BD585D -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.cfg

< MD5 for: SERVICES.CSS >
[2010/08/31 17:40:56 | 000,000,093 | ---- | M] () MD5=F15FB82C578490B209442B8C1D5076CC -- C:\ProgramData\Intuit\Quicken\Inet\Common\Localweb\Services\Services.css
[2010/08/31 17:40:56 | 000,000,093 | ---- | M] () MD5=F15FB82C578490B209442B8C1D5076CC -- C:\Users\All Users\Intuit\Quicken\Inet\Common\Localweb\Services\Services.css

< MD5 for: SERVICES.EXE >
[2009/07/13 22:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 22:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2010/11/21 04:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui
[2010/11/21 04:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui

< MD5 for: SERVICES.HTML >
[2013/06/11 13:44:18 | 000,033,542 | ---- | M] () MD5=7E44E509EC9D2F03443B8EB1D485ADA5 -- C:\Users\Izilda\Desktop\Doctor Virtual\Mockup\dv_web_design_ideas\design-HTML-2\services.html

< MD5 for: SERVICES.JSM >
[2012/01/05 08:28:02 | 000,004,403 | ---- | M] () MD5=E17B4B01394865B299FFF1EE42888A44 -- C:\Users\Izilda\Desktop\Temporario\TOR\Tor Browser\FirefoxPortable\App\Firefox\modules\Services.jsm

< MD5 for: SERVICES.LNK >
[2009/07/14 01:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 01:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2009/06/10 17:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009/06/10 17:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof

< MD5 for: SERVICES.MSC >
[2010/11/21 04:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009/06/10 17:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2010/11/21 04:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 18:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2010/11/21 04:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 17:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2010/11/21 04:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 18:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PHP >
[2011/12/25 20:00:00 | 000,003,257 | ---- | M] () MD5=B124E2AAC3529AC9026F9B098E32C10F -- C:\Users\Izilda\Desktop\Applications\WHMCS\modules\reports\services.php

< MD5 for: SERVICES.PTXML >
[2009/07/13 17:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 17:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml

< MD5 for: SERVICES.XML >
[2010/06/28 13:42:00 | 000,000,838 | ---- | M] () MD5=DA6D6BBAB9412B2589D9C869B1F4EAFC -- C:\ProgramData\OrolixCommunicator\etc\cache\services.xml
[2010/06/28 13:42:00 | 000,000,838 | ---- | M] () MD5=DA6D6BBAB9412B2589D9C869B1F4EAFC -- C:\Users\All Users\OrolixCommunicator\etc\cache\services.xml

< MD5 for: SVCHOST.EXE >
[2009/07/13 22:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 22:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 22:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 22:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/21 00:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 00:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 00:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 00:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 00:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 00:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< dir C:\ /S /A:L /C >
Volume in drive C has no label.
Volume Serial Number is 1464-F26B
Directory of C:\
Jul/14/2009 02:08 AM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\Program Files (x86)\Evernote
Aug/29/2011 10:19 PM <SYMLINKD> Evernote3.5 [C:\Program Files (x86)\Evernote\Evernote]
0 File(s) 0 bytes
Directory of C:\ProgramData
Jul/14/2009 02:08 AM <JUNCTION> Application Data [C:\ProgramData]
Jul/14/2009 02:08 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
Jul/14/2009 02:08 AM <JUNCTION> Documents [C:\Users\Public\Documents]
Jul/14/2009 02:08 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
Jul/14/2009 02:08 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
Jul/14/2009 02:08 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
Jul/14/2009 02:08 AM <SYMLINKD> All Users [C:\ProgramData]
Jul/14/2009 02:08 AM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
Jul/14/2009 02:08 AM <JUNCTION> Application Data [C:\ProgramData]
Jul/14/2009 02:08 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
Jul/14/2009 02:08 AM <JUNCTION> Documents [C:\Users\Public\Documents]
Jul/14/2009 02:08 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
Jul/14/2009 02:08 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
Jul/14/2009 02:08 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
Jul/14/2009 02:08 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
Jul/14/2009 02:08 AM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
Jul/14/2009 02:08 AM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
Jul/14/2009 02:08 AM <JUNCTION> My Documents [C:\Users\Default\Documents]
Jul/14/2009 02:08 AM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
Jul/14/2009 02:08 AM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
Jul/14/2009 02:08 AM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
Jul/14/2009 02:08 AM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
Jul/14/2009 02:08 AM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
Jul/14/2009 02:08 AM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
Jul/14/2009 02:08 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
Jul/14/2009 02:08 AM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
Jul/14/2009 02:08 AM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
Jul/14/2009 02:08 AM <JUNCTION> My Music [C:\Users\Default\Music]
Jul/14/2009 02:08 AM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
Jul/14/2009 02:08 AM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Izilda
Jan/14/2012 07:24 PM <JUNCTION> Application Data [C:\Users\Izilda\AppData\Roaming]
Jan/14/2012 07:24 PM <JUNCTION> Cookies [C:\Users\Izilda\AppData\Roaming\Microsoft\Windows\Cookies]
Jan/14/2012 07:24 PM <JUNCTION> Local Settings [C:\Users\Izilda\AppData\Local]
Jan/14/2012 07:24 PM <JUNCTION> My Documents [C:\Users\Izilda\Documents]
Jan/14/2012 07:24 PM <JUNCTION> NetHood [C:\Users\Izilda\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
Jan/14/2012 07:24 PM <JUNCTION> PrintHood [C:\Users\Izilda\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
Jan/14/2012 07:24 PM <JUNCTION> Recent [C:\Users\Izilda\AppData\Roaming\Microsoft\Windows\Recent]
Jan/14/2012 07:24 PM <JUNCTION> SendTo [C:\Users\Izilda\AppData\Roaming\Microsoft\Windows\SendTo]
Jan/14/2012 07:24 PM <JUNCTION> Start Menu [C:\Users\Izilda\AppData\Roaming\Microsoft\Windows\Start Menu]
Jan/14/2012 07:24 PM <JUNCTION> Templates [C:\Users\Izilda\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Izilda\AppData\Local
Jan/14/2012 07:24 PM <JUNCTION> Application Data [C:\Users\Izilda\AppData\Local]
Jan/14/2012 07:24 PM <JUNCTION> History [C:\Users\Izilda\AppData\Local\Microsoft\Windows\History]
Jan/14/2012 07:24 PM <JUNCTION> Temporary Internet Files [C:\Users\Izilda\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Izilda\Documents
Jan/14/2012 07:24 PM <JUNCTION> My Music [C:\Users\Izilda\Music]
Jan/14/2012 07:24 PM <JUNCTION> My Pictures [C:\Users\Izilda\Pictures]
Jan/14/2012 07:24 PM <JUNCTION> My Videos [C:\Users\Izilda\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
Jul/14/2009 02:08 AM <JUNCTION> My Music [C:\Users\Public\Music]
Jul/14/2009 02:08 AM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
Jul/14/2009 02:08 AM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
51 Dir(s) 369,374,928,896 bytes free

< End of report >
  • 0

#23
CompCav
Posted 17 July 2013 - 01:10 PM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Step 1

Download AdwCleaner from here to your desktop
Run AdwCleaner for Vista and 7 right click and select Run as administrator

Select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced please post it


Step 2

  • Download RogueKiller 64 and save it on your desktop.
    If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.com

    NOTE: If using IE8 or better Smartscreen Filter will need to be disabled
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan
Posted Image

  • Wait for the end of the scan.
  • The report has been created on the desktop.
  • Click on the Delete button.
Posted Image
  • The report has been created on the desktop.

  • Next click on the ShortcutsFix
Posted Image
  • The report has been created on the desktop.

Please post: All RKreport.txt text files located on your desktop.


Step 3

Please post:

AdwCleaner.txt
All RKreport.txt files


Also please give me an update on any issues.
  • 0

#24
Andre Silva
Posted 17 July 2013 - 01:57 PM

Andre Silva

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Hello CompCav, how are you?

Here goes all logs:

# AdwCleaner v2.305 - Logfile created 07/17/2013 at 16:39:16
# Updated 11/07/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Izilda - IZILDA-HP
# Boot Mode : Normal
# Running from : C:\Users\Izilda\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\user.js
File Deleted : C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Deleted : C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Users\Izilda\AppData\Roaming\Mozilla\Firefox\Profiles\rpnqexf8.default-1350958851994\bprotector_extensions.sqlite
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\midicairus
Folder Deleted : C:\Program Files (x86)\searchresults
Folder Deleted : C:\ProgramData\Anti-phishing Domain Advisor
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Browser Manager
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\Users\Izilda\AppData\Local\Conduit
Folder Deleted : C:\Users\Izilda\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Izilda\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Izilda\AppData\LocalLow\midicairus
Folder Deleted : C:\Users\Izilda\AppData\LocalLow\PriceGong

***** [Registry] *****

Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\I Want This
Key Deleted : HKCU\Software\AppDataLow\Software\midicairus
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EFB1E45A-148D-40F9-A3F0-09D5577F9970}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{156F4006-0999-4E54-9ED3-B7B064D3DD0A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EFB1E45A-148D-40F9-A3F0-09D5577F9970}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\5a2d8dde23eea13
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\Software\Classes\Installer\Features\90C64EA18BA25EE488BF80DCF07F2FFD
Key Deleted : HKLM\Software\Classes\Installer\Products\90C64EA18BA25EE488BF80DCF07F2FFD
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2233703
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3184201
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{156F4006-0999-4E54-9ED3-B7B064D3DD0A}
Key Deleted : HKLM\Software\midicairus
Key Deleted : HKLM\Software\PrimoPDF\OpenCandy
Key Deleted : HKLM\SOFTWARE\Wow6432Node\5a2d8dde23eea13
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{156F4006-0999-4E54-9ED3-B7B064D3DD0A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{92EF81C1-4E9D-4EBF-9B59-3653BC0C102E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E88D05A9-96B4-448E-85E2-F8CA4F04A801}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Anti-phishing Domain Advisor
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\midicairus Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Anti-phishing Domain Advisor]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Registry is clean.

-\\ Mozilla Firefox v22.0 (en-US)

File : C:\Users\Izilda\AppData\Roaming\Mozilla\Firefox\Profiles\rpnqexf8.default-1350958851994\prefs.js

C:\Users\Izilda\AppData\Roaming\Mozilla\Firefox\Profiles\rpnqexf8.default-1350958851994\user.js ... Deleted !

Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false);
Deleted : user_pref("extensions.BabylonToolbar.id", "1464f26b0000000000009439e56d1e06");
Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15657");
Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
Deleted : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8");
Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8");
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.823:01:13");

-\\ Google Chrome v28.0.1500.72

File : C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [17029 octets] - [17/07/2013 16:39:16]

########## EOF - C:\AdwCleaner[S1].txt - [17090 octets] ##########

RogueKiller V8.6.3 _x64_ [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.co...es/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Izilda [Admin rights]
Mode : Scan -- Date : 07/17/2013 16:53:21
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] ouc.exe -- C:\Users\Izilda\AppData\Roaming\VIVO INTERNET\ouc.exe [-] -> KILLED [TermProc]

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 2 ¤¤¤
[V1][SUSP PATH] ROC_REG_JAN_DELETE.job : C:\ProgramData\AVG January 2013 Campaign\ROC.exe - /DELETE_FROM_SYSTEM=1 [7] -> FOUND
[V2][SUSP PATH] ROC_REG_JAN_DELETE : C:\ProgramData\AVG January 2013 Campaign\ROC.exe - /DELETE_FROM_SYSTEM=1 [7] -> FOUND

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


ÿ₫1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS547564A9E384 SATA Disk Device +++++
--- User ---
[MBR] 36b66b7330f2e9470241cc3743abd88b
[BSP] 99d9fa79edc458bda7849fa291b78f95 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 592813 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1214490624 | Size: 17363 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1250050048 | Size: 103 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 14925227e19e30363f7941045a46ee3e
[BSP] 99d9fa79edc458bda7849fa291b78f95 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 77824 Mo
1 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 159793152 | Size: 400 Mo

Finished : << RKreport[0]_S_07172013_165321.txt >>

RogueKiller V8.6.3 _x64_ [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.co...es/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Izilda [Admin rights]
Mode : Remove -- Date : 07/17/2013 16:55:09
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] ouc.exe -- C:\Users\Izilda\AppData\Roaming\VIVO INTERNET\ouc.exe [-] -> KILLED [TermProc]

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Scheduled tasks : 2 ¤¤¤
[V1][SUSP PATH] ROC_REG_JAN_DELETE.job : C:\ProgramData\AVG January 2013 Campaign\ROC.exe - /DELETE_FROM_SYSTEM=1 [7] -> DELETED
[V2][SUSP PATH] ROC_REG_JAN_DELETE : C:\ProgramData\AVG January 2013 Campaign\ROC.exe - /DELETE_FROM_SYSTEM=1 [7] -> DELETED

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


ÿ₫1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS547564A9E384 SATA Disk Device +++++
--- User ---
[MBR] 36b66b7330f2e9470241cc3743abd88b
[BSP] 99d9fa79edc458bda7849fa291b78f95 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 592813 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1214490624 | Size: 17363 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1250050048 | Size: 103 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 14925227e19e30363f7941045a46ee3e
[BSP] 99d9fa79edc458bda7849fa291b78f95 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 77824 Mo
1 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 159793152 | Size: 400 Mo

Finished : << RKreport[0]_D_07172013_165509.txt >>
RKreport[0]_S_07172013_165321.txt

RogueKiller V8.6.3 _x64_ [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.co...es/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Izilda [Admin rights]
Mode : Shortcuts HJfix -- Date : 07/17/2013 16:55:54
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] ouc.exe -- C:\Users\Izilda\AppData\Roaming\VIVO INTERNET\ouc.exe [-] -> KILLED [TermProc]

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 0 / Fail 0
Quick launch: Success 0 / Fail 0
Programs: Success 0 / Fail 0
Start menu: Success 0 / Fail 0
User folder: Success 11 / Fail 0
My documents: Success 0 / Fail 0
My favorites: Success 0 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 2 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 9 / Fail 0
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume3 -- 0x3 --> Restored
[E:] \Device\CdRom0 -- 0x5 --> Skipped
[F:] \Device\HarddiskVolume4 -- 0x3 --> Restored

¤¤¤ Infection : ¤¤¤

Finished : << RKreport[0]_SC_07172013_165554.txt >>
RKreport[0]_D_07172013_165509.txt;RKreport[0]_S_07172013_165321.txt
  • 0

#25
CompCav
Posted 17 July 2013 - 02:02 PM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Any issues?
  • 0

Advertisements

#26
Andre Silva
Posted 17 July 2013 - 02:12 PM

Andre Silva

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Not as far as I can tell.

Anything else recommended?

Thanks for all again!
  • 0

#27
CompCav
Posted 17 July 2013 - 02:20 PM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Step 1.

  • Right click and select Run as administrator Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click the Udate tab, click check for update and allow it to update.
  • If an update is found, it will download and install the latest version.
  • Once the update has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.


Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.


Step 2.

Run ESET Online Scan

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Vista / 7 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

Please go here then click on: Posted Image

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the following instructions work with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow Add-On/Active X to install.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.


Step 3.

Security Check
Download Security Check by screen317 from here or here.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Step 4.

Please post:


mbam log
eset log
security check log

Please give me an update on how your computer is doing!
  • 0

#28
Andre Silva
Posted 18 July 2013 - 07:31 AM

Andre Silva

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Hello CompCav,

This run took quite a bit of time. Here follows the logs:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.07.17.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
Izilda :: IZILDA-HP [administrator]

Jul/17/2013 5:47:20 PM
mbam-log-2013-07-17 (17-47-20).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 220218
Time elapsed: 9 minute(s), 18 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

C:\Program Files (x86)\FoxTabPDFCreator\message.exe a variant of Win32/InstallCore.A application cleaned by deleting - quarantined
C:\Program Files (x86)\SecurityXploded\FTPPasswordKracker\FTPPasswordKracker.exe a variant of Win32/SecurityXploded.A application cleaned by deleting - quarantined
C:\Users\Izilda\Desktop\Applications\FTP\FTPPasswordKracker.zip a variant of Win32/SecurityXploded.A application deleted - quarantined
C:\Users\Izilda\Desktop\Applications\FTP\FTPPasswordSniffer.zip a variant of Win32/SecurityXploded.A application deleted - quarantined
C:\Users\Izilda\Desktop\Applications\FTP\FTPPasswordKracker\Setup_FTPPasswordKracker.exe a variant of Win32/SecurityXploded.A application cleaned by deleting - quarantined
C:\Users\Izilda\Desktop\Applications\FTP\FTPPasswordSniffer\Setup_FTPPasswordSniffer.exe a variant of Win32/SecurityXploded.A application cleaned by deleting - quarantined
C:\Users\Izilda\Downloads\42762_Futura-Bk-BT-Book-DW.exe a variant of Win32/InstallCore.AZ application cleaned by deleting - quarantined
C:\Users\Izilda\Downloads\cbsidlm-tr1_13-Skype_Spy_Monitor_2013-ORG-75444695.exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined
C:\Users\Izilda\Downloads\cbsidlm-tr1_9-Email_Extractor-ORG2-10527464.exe multiple threats cleaned by deleting - quarantined
C:\Users\Izilda\Downloads\iLividSetup (1).exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Users\Izilda\Downloads\iLividSetup.exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Users\Izilda\Downloads\installer_X_Fowers_Detail_White_Orchid_Flower_367502_wallpaper.exe a variant of Win32/Vittalia.E application cleaned by deleting - quarantined
C:\Users\Izilda\Downloads\OpenSubtitlesPlayerIM.exe multiple threats cleaned by deleting - quarantined
C:\Users\Izilda\Downloads\revo-uninstaller-194-baixaki-32-bits.exe a variant of Win32/InstallCore.BE application cleaned by deleting - quarantined
C:\_OTL\MovedFiles\07162013_223913\C_Users\Izilda\downloads\keygen_coreldrawx6.rar.exe Win32/InstalleRex.J application cleaned by deleting - quarantined
C:\_OTL\MovedFiles\07162013_223913\C_Users\Izilda\downloads\Scrapebox V1.15.66 CRACKED.rar.exe Win32/InstalleRex.J application cleaned by deleting - quarantined
C:\_OTL\MovedFiles\07162013_223913\C_Users\Izilda\downloads\Adobe Dreamweaver CS5 [Win]-[CyberPiraten]\Activation Blocker.cmd BAT/HostsChanger.A application cleaned by deleting - quarantined

Results of screen317's Security Check version 0.99.70
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
Kaspersky Internet Security
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
SEO SpyGlass
Malwarebytes Anti-Malware version 1.75.0.1300
Java 7 Update 25
Adobe Flash Player 11.7.700.202
Adobe Reader 10.1.7 Adobe Reader out of Date!
Mozilla Firefox (22.0)
Google Chrome 28.0.1500.71
Google Chrome 28.0.1500.72
````````Process Check: objlist.exe by Laurent````````
Kaspersky Lab Kaspersky Anti-Virus 2013 avp.exe
Kaspersky Lab Kaspersky Anti-Virus 2013 x64 wmi64.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
  • 0

#29
CompCav
Posted 18 July 2013 - 07:38 AM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Do you have the Kaspersky firewall?
  • 0

#30
Andre Silva
Posted 18 July 2013 - 08:48 AM

Andre Silva

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Hi CompCav,

I had Kasper OFF while doing the ESET scan because I received a warning that having Kasper ON would interfere with the scan. Therefore, I shut it OFF during the scan. I'm thinking about installing Avast instead. Any ideas?
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP